last executing test programs:

5m34.929736471s ago: executing program 32 (id=133):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000011"], 0x28}}, 0x0)
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f00000003c0)=ANY=[@ANYBLOB="12008864"], 0xfce)

4m27.255001898s ago: executing program 33 (id=523):
r0 = socket(0x200000100000011, 0x3, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000240)={'batadv0\x00', <r2=>0x0})
bind$packet(r0, &(0x7f0000000080)={0x11, 0x0, r2, 0x1, 0x7, 0x6, @multicast}, 0x14)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0x800b, 0x4)
sendmsg$netlink(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000300)=ANY=[@ANYBLOB="34000000020000010000000000000000d96e6c8d5e85080045f00d80724e11d569116e3a1ce41e2a560254ea0043"], 0x34}, {&(0x7f0000000500)=ANY=[@ANYBLOB="8401"], 0x184}], 0x2, 0x0, 0x0, 0x20000080}, 0x4000)

3m58.633013749s ago: executing program 34 (id=655):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

3m52.580994945s ago: executing program 6 (id=688):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f00000001c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './cgroup'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x40000, 0x120)
r1 = openat$cgroup_ro(r0, &(0x7f0000000080)='cgroup.freeze\x00', 0x0, 0x0)
mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2000000, 0x12, r1, 0xca7bd000)

3m52.099090664s ago: executing program 6 (id=692):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'sha384-ssse3\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
pipe(&(0x7f00000045c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
vmsplice(r3, &(0x7f0000000300)=[{&(0x7f0000000180)="ce6c2ae7a279d4be68d924ebb6147c0929cbb8ee23c12a544c9e26cba7fc7973392c0858b4a57505b412d8cd3d1397cebdfc", 0x32}, {&(0x7f00000001c0)="1dfc544ee4ee7a39ff53d7019b377e44d6840895699e8d7d27b94faf6bbbb283eeff94d7bd48e5950367e92a1faeb31f18c921f0f157605b7d0b10a50c87da8f12e104906c27f66a4ae2cfbc4f91aa83f7550de17d7859f1b70609920bfa3ceb38577b2a6ad0ea2ae5cda9bb62c30aa4780d93c5b90a2363042b367abad18b0e9b0e778757e85c65d8559c34b161026275bd2853acc5f3042acdc893ac63e4ea81b10d92f6f5f9c1cfc00607a98472e3fa292e574435b0c8591cc8918bf9", 0xbe}], 0x2, 0x6)
splice(r2, 0x0, r1, 0x0, 0x8000, 0x0)

3m51.788226969s ago: executing program 6 (id=696):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="09000000070000000080000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r0, <r1=>0xffffffffffffffff}, &(0x7f00000002c0), &(0x7f0000000280)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000d0039000000000000b4a518110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r2}, 0xc)

3m51.618313022s ago: executing program 6 (id=698):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./file0\x00', 0x200000, &(0x7f0000000240)={[{@noauto_da_alloc}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x1}}, {@dioread_lock}, {@norecovery}, {@discard}, {@lazytime}, {@journal_dev={'journal_dev', 0x3d, 0x1}}, {@usrquota}, {@noauto_da_alloc}]}, 0xfe, 0x553, &(0x7f0000000980)="$eJzs3U1vG0UfAPD/Ok7f0udpKlUVcECReqCo1GkSXorEoRwRVFSCe7GSbVTFqavYqZpQifZAL1xQhYQQlRAfgDvHii/Ap+iBShWqIjhwMVpnnbqNnbiJ27j495M2mdkdZ3Y8O+MZj50NYGhNZD8KEa9GxLdJxJG2Y8XID06sp1t7dGM225JoND77M4kk39dKn+S/x/LIKxHx29cRpwqb862trC6UK5V0KY9P1hevTtZWVk9fXizPp/PplemZmbPvzEy//967fSvrmxf+/uHTex+d/ebE2ve/PDh6J4lzcTg/1l6OXbjZHpmIifw5GY1zTyWc6kNmgyTZ6xNgR0bydj4aWR9wJEbyVg/8930VEQ1gSCXaPwyp1jigNbfv0zz4pfHww/UJ0ObyF9ffG4kDzbnRobXkiZlRNt8d70P+WR6//nH3TrZF/96HANjWzVsRcaZY3Nz/JXn/t3NnekjzdB76P3hx7mXjn7c6jX8KG+Of6DD+GevQdndi+/ZfeNCHbLrKxn8fdBz/bixajY/ksf81x3yjyaXLlTTr2/4fESdjdH8W32o95+za/Ua3Y+3jv2zL8m+NBfPzeFDc/+Rj5sr18m7K3O7hrYjXOo5/k436TzrUf/Z8XOgxj+Pp3de7Hdu+/M9X4+eINzrW/+MVrWTr9cnJ5vUw2boqNvvr9vHfu+W/1+XP6v/Q1uUfT9rXa2vPnsdPB/5Jux3b6fW/L/m8Gd6X77terteXpiL2JZ9s3j/9+LGteCt9Vv6TJ7bu/zpd/wcj4osey3/72O2uSQeh/ueeqf6fPXD/4y9/7JZ/b/X/djN0Mt/TS//X6wnu5rkDAAAAAACAQVOIiMORFEob4UKhVFr/fMexOFSoVGv1U5eqy1fmovld2fEYLbRWusfaPg8xlX8ethWffio+ExFHI+K7kYPNeGm2Wpnb68IDAAAAAAAAAAAAAAAAAADAgBjr9P3/1v9bH9njkwOeP7f8huG1bfvvx52egIHk9R+Gl/YPw0v7h+Gl/cPwKq7fzxgYQl7/YXhp/zC8tH8AAAAAAAAAAAAAAAAAAAAAAAAAAADoqwvnz2dbY+3RjdksPndtZXmheu30XFpbKC0uz5Zmq0tXS/PV6nwlLc1WF7f7e5Vq9erUdCxfn6yntfpkbWX14mJ1+Ur94uXF8nx6MR19IaUCAAAAAAAAAAAAAAAAAACAl0ttZXWhXKmkSwICOwoUB+M0BPoc2OueCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAe+zcAAP//eIg3rQ==")
mkdir(&(0x7f00000000c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000a00)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000001c0)='./bus\x00')
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
getdents64(r0, 0x0, 0x0)

3m50.671774288s ago: executing program 6 (id=704):
r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000b00)=ANY=[@ANYBLOB="12010000e09d7040460a2196324f01020301090224000100000000090400000206d3450009050102100000000009058b0240"], 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000700)={0x44, &(0x7f0000000680)=ANY=[@ANYBLOB="400a060000006e"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000500)={0x44, &(0x7f0000000240)=ANY=[@ANYBLOB="20131d00000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f0000000a80)={0x10, &(0x7f0000000900)=ANY=[@ANYBLOB="4014ef"], 0x0, 0x0})

3m49.695048066s ago: executing program 6 (id=709):
r0 = syz_open_procfs(0x0, &(0x7f0000000300)='task\x00')
setresgid(0xee00, 0xee01, 0x0)
fchdir(r0)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r1 = syz_clone(0x20300000, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_open_procfs(r1, &(0x7f0000000140)='smaps\x00')

3m49.169936035s ago: executing program 35 (id=709):
r0 = syz_open_procfs(0x0, &(0x7f0000000300)='task\x00')
setresgid(0xee00, 0xee01, 0x0)
fchdir(r0)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r1 = syz_clone(0x20300000, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_open_procfs(r1, &(0x7f0000000140)='smaps\x00')

3m36.88794335s ago: executing program 0 (id=749):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801000000000000004000000850000000700000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x80)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000015c0)=ANY=[@ANYRES32=r2, @ANYRES32=r3, @ANYBLOB="05"], 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r2}, &(0x7f00000006c0), &(0x7f0000000700)=r1}, 0x20)
sendmsg$inet(r0, &(0x7f0000000980)={0x0, 0x6000, &(0x7f0000000900)=[{&(0x7f0000000640)='U', 0xa00120}], 0x1}, 0x3)

3m36.186804752s ago: executing program 0 (id=751):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x621c2, 0x0)
r1 = io_uring_setup(0x39e1, &(0x7f0000000bc0)={0x0, 0x49fd, 0x12, 0x400, 0x320})
close_range(r1, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x8800000)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x80042, 0x0)
sendfile(r2, r0, 0x0, 0x558410e8)

3m35.382690006s ago: executing program 0 (id=752):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x800810, &(0x7f0000000180)={[{@nobh}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4}}]}, 0xff, 0x23f, &(0x7f0000000540)="$eJzs3T1oLFUYBuB3Zne95t5FrtoI4g+IiAbCtRNsYqMQkBBEBBUiIjZKIsQEu8TKxkJrlVQ2QeyMlpIm2CiCVdQUsRE0WBgstFiZnURisuLPxh1xngdmZ2b3nPnOMPOe3WbYAK11Nclskk6S6SS9JMXpBnfWy9Xj3c2p3cVkMHjsh2LYrt6vnfS7kmQjyQNJdsoiL3STte2nDn7ae+Se11d7d7+7/eTURE/y2OHB/qNH78y/9sHc/WufffHdfJHZ9H93XhevGPFet0hu+jeK/UcU3aZHwF+x8Mr7X1a5vznJXcP891KmvnhvrFy308t9b/9R3ze///zWSY4VuHiDQa/6DtwYAK1TJumnKGeS1NtlOTNT/4b/qnO5fHF55eXp55dXl55reqYCLko/2X/4o0sfXjmT/287df6B/68q/48vbH1dbR91mh4NMBG31asq/9PPrN8b+YfWkX9oL/mH9pJ/aC/5h/aSf2gv+Yf2kn9oL/mH9pJ/aK/T+QcA2mVwqeknkIGmND3/AAAAAAAAAAAAAAAAAAAA521O7S6eLJOq+clbyeFDSbqj6neG/0ecXD98vfxjUTX7TVF3G8vTd4x5gDG91/DT1zd802z9T29vtv76UrLxapJr3e75+684vv/+uRv/5PPes2MW+JuKM/sPPjHZ+mf9stVs/bm95ONq/rk2av4pc8twPXr+6VfXb8z6L/085gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYmF8DAAD//xFQbUc=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x441, 0x20)
truncate(&(0x7f0000000080)='./file1\x00', 0xf000)
r1 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
sendfile(r1, r1, 0x0, 0x800000009)
fallocate(r0, 0x8, 0x4000, 0x4000)

3m34.752076347s ago: executing program 0 (id=755):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000640)='./file1\x00', 0x3000010, &(0x7f0000000000), 0x3e, 0x51b, &(0x7f0000000100)="$eJzs3c9vI1cdAPDvTOLd7G6KU0CoVKJUtGi3grU3DW0jhKBc4FQJKPclJE4UxY6j2CmbqKKp+A8QEkicOHFB4g9AQj3wB6BKleCCOCBAIARbOCABHTTjsZp17CTQrJ3Gn4/04vfm1/e9sfw8M36ZCWBqPRkRL0bETEQ8ExHVcnpaprt54bC33Nv3X13NUxJZ9vJfk0jKaf1t5eXZiLjRWyXmIuJrX474ZnI8bmf/YGul2WzsluV6t7VT7+wf3N5srWw0NhrbS0uLzy+/sPzc8p2s9J7audDP/PhLn//5p7/1u7t/vvXtvFqf+0hUYqAd56nX9EqxL/ryfbT7MIJNwEzZnsqkKwIAwJnkx/gfjIhPFMf/1ZgpjuYGzEyiZgAAAMB5yb4wH/9OIjIAAADg0kojYj6StFaOBZiPNL1SXhv4cFxPm+1O91Pr7b3ttXxexEJU0vXNZuNOOVZ4ISpJXl4sx9j2y88OlJci4tGI+F71WlGurbabaxO+9gEAAADT4sbA+f8/qmmRP92Q/xMAAAAALq6FkQUAAADgsnDKDwAAAJff4Pm/+/0DAADApfKVl17KU9Z//vXaK/t7W+1Xbq81Olu11t5qbbW9u1PbaLc3inv2tU7bXrPd3vlMbO/dq3cbnW69s39wt9Xe2+7e3XzgEdgAAADAGD368Td+nUTE4WevFSnK+wACPOAPk64AcJ4M9YPp5S7eML0qk64AMHHJKfMN3gEAgPe/mx89/vt///n/rg3A5WasDwBMH7//w/SqGAEIU2u2vAbwgV7x6qjlRv7+/8uzRsqyiDerR6e4vggAAOM1X6QkrZXnAfORprVaxCMR6UJUkvXNZuNOeX7wq2rlal5eLNZMTh0zDAAAAAAAAAAAAAAAAAAAAAAAAAD0ZFkSGQAAAHCpRaR/Soq7+UfcrD49P3h94Eryz2r8sSz88OXv31vpdncX8+l/K57ldSUiuj8opz878vFhAAAAwHlLDkfO6p2nl6+LY60VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFPg7fuvrvbTOOP+5YsRsTAs/mzMFa9zUYmI639PYvbIeklEzJxD/MPXI+KxYfGTeCfLXouyFsPiX3vI8ReKXTM8fhoRN84hPkyzN/L+58Vhn780nixeh3/+Zsv0Xo3u/9Iy8mNFPzes/3nk2NZaQ2M8/tZP671c5Xj81yMenx3e//T732RE/KeObe1fWZYdj/+Nrx8cjGp/9qOIm0O/f5IHYtW7rZ16Z//g9mZrZaOx0dheWlp8fvmF5eeW79TXN5uN8u/QGN/92M/eGRU/b//1IfF/+5te/3tS+58etdEB/3nr3v0P9bLH3oA8/q2nhn7/zsWI+Gn53ffJMp/Pv9nPH/byRz3xkzefOKn9ayP2/2nv/60ztv+Zr37n92dcFAAYg87+wdZKs9nYPSEzd4Zl3o+ZX8xdiGr8j5nstd47d1Hq8/9m8qPVd6f0W3UBKnYkk40l1tXieP6sa10ZU9sn2i0BAAAPwbsH/ZOuCQAAAAAAAAAAAAAAAAAAAEyvcdxKbTDm4WSaCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwov8GAAD//3QT3Gw=")
r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x185641, 0x0)
r1 = open(&(0x7f00000003c0)='./bus\x00', 0x84902, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x11, r1, 0x0)
write$FUSE_ATTR(r0, &(0x7f0000000440)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0xffffffffff7ffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6288f669, 0x0, 0xc000}}}, 0x78)

3m33.176071935s ago: executing program 0 (id=761):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5ac, 0x250, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x80, 0x0, [{{0x9, 0x4, 0x0, 0x3, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x4b, 0x64, 0x1, {0x22, 0x4f8}}, {{{0x9, 0x5, 0x81, 0x3, 0x10, 0x4, 0xbc}}}}}]}}]}}, 0x0)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x46d, 0xc71f, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x3, 0x3, 0x0, 0x3, 0x0, {0x9, 0x21, 0x87, 0x0, 0x1, {0x22, 0x45b}}, {{{0x9, 0x5, 0x81, 0x3, 0x8, 0x0, 0xfe}}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000080)='net/ip6_tables_targets\x00')
syz_usb_control_io$hid(r0, &(0x7f0000000340)={0x24, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="00220508"], 0x0}, 0x0)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)

3m32.620062134s ago: executing program 0 (id=765):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(arc4)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad", 0x1)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fb", 0x42}], 0x2}], 0x1, 0x40800)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}, {&(0x7f0000000200)=""/83, 0x53}], 0x2}, 0x100)

3m32.066294394s ago: executing program 36 (id=765):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(arc4)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad", 0x1)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fb", 0x42}], 0x2}], 0x1, 0x40800)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}, {&(0x7f0000000200)=""/83, 0x53}], 0x2}, 0x100)

1m26.946951497s ago: executing program 7 (id=1414):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000740)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x4e24, @broadcast}, 0x2, 0x0, 0x4}}, 0x2e)
r2 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_SESSION_DELETE(r3, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)={0x34, r2, 0x1, 0x70bd26, 0x4, {0x5}, [@L2TP_ATTR_CONN_ID={0x8, 0x9, 0x2}, @L2TP_ATTR_PEER_SESSION_ID={0x8, 0xc, 0x3}, @L2TP_ATTR_SESSION_ID={0x8}, @L2TP_ATTR_PW_TYPE={0x6, 0x1, 0x700}]}, 0x34}}, 0x20)

1m26.467950435s ago: executing program 7 (id=1418):
syz_mount_image$reiserfs(&(0x7f0000000140), &(0x7f0000001140)='./file6\x00', 0x98, &(0x7f0000000280), 0x1, 0x10ef, &(0x7f00000022c0)="$eJzs2DGLE0EYBuB3dg/kqshcvx5oYSHHHfEPXKGQxsLaLljZmUrJz/HnyFX2R3pTBOyVTQwJEhDJYuB4Hlh252Vmvp1yvgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDvLPlekosmqdusSVKSrrubLJJ02/zx17ZJydv3k9mrj+PXs8209FmT0q9aj+vN01rHdVxv6suL22d19unzh3avZEmX+9V8ev5mOehR+trtoDsCAADAw/DzaKMT1wcAAAD+ZrBGAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAA6vajSVKSrrubLJJ0p/0tAAAA4EglTd6NDuWbNsDOi3wblZRHu+RH6edc58uB9QAAAMC/KXv38ec5z5O9/DJnubrajH+/srxN2iTXf+xzv5pP18/lfFr+5wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgF/swLEAAAAAgDB/6zQ6NgAAAAAAAAAAAAAAAGCqAAAA//9TGNII")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x0)
ftruncate(r0, 0x3af001)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1442, 0x0)
pwrite64(r1, &(0x7f0000000140)='2', 0xfdef, 0xfecc)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.numa_stat\x00', 0x26e1, 0x0)

1m25.04169632s ago: executing program 7 (id=1426):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6161, 0x4d15, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x4f8}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000340)={0x24, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="00220508"], 0x0}, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000d80)={0x24, 0x0, &(0x7f0000000200)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x807}}, 0x0, 0x0}, 0x0)
syz_usb_control_io(r0, &(0x7f0000000400)={0x2c, 0x0, &(0x7f0000000680)={0x0, 0x3, 0x2, @string={0x2}}, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io(r0, &(0x7f0000000200)={0x2c, 0x0, &(0x7f00000000c0)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0xc01}}, 0x0, 0x0, 0x0}, 0x0)

1m22.137041641s ago: executing program 7 (id=1442):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0xe, &(0x7f0000000200)={[{@max_batch_time={'max_batch_time', 0x3d, 0x358}}, {@resuid}, {@dax_inode}]}, 0x3, 0x44b, &(0x7f00000004c0)="$eJzs282PU1UbAPDn3k6HlxdwRsQPPtRRNE78mGEAlYULNZq4wMREF7qczAwEKYxhxkQIUTAGV8aYuDcu/Rdc6cYYVyZudW9IiGEDuKq57b1MW9rClJYO9PdLLpxz77lzztN7T3vOPW0AI2sq+yeJ2BoRf0bERD3bXGCq/t/Vy2cXrl0+u5BEtfruP0mt3JXLZxeKosV5W/LMdBqRfpHE7jb1rpw+c3y+Ulk6lednV098NLty+swLx07MH106unRy/6FDBw/MvfzS/hf7EmfWpiu7Pl3es/OtD755+/BXTfG3xNEnU90OPl2t9rm64drWkE7GhtgQ1qUUEdnlKtf6/0SUYu3iTcSbnw+1ccBAVavV6pbOh89VgXtYEs15XR5GRfFBn81/i611EPDq4IYfQ3fptfoEKIv7ar7Vj4xFmpcpt8xv+2kqIt4/9+932RaDeQ4BANDkp2z883y78V8aDzWUuy9fG5qMiPsjYntEPBAROyLiwYha2Ycj4pF11t+6SHLj+Ce92FNgtygb/72Sr201j/+K0V9MlvLctlr85eTIscrSvvw1mY7ypiw/16WOn9/44+tOxxrHf9mW1V+MBfN2XBzb1HzO4vzq/O3E3OjS+YhdY+3iT66vBCQRsTMidvVYx7Fnf9jT6djN4++iD+tM1e8jnqlf/3PREn8h6b4+Ofu/qCztmy3uihv99vuFdzrVf1vx90F2/f/f9v6/Hv9k0rheu7L+Oi789WXHOU2v9/948l4tPZ7v+2R+dfXUXMR4crje6Mb9+9fOLfJF+Sz+6b3t+//2WHsldkdEdhM/GhGPRcTjedufiIgnI2Jvl/h/ff2pD3uPf7Cy+BfXdf3XEuPRuqd9onT8lx+bKp28If5r3a//wVpqOt9zK+9/t9Ku3u5mAAAAuPukEbE1knTmejpNZ2bq35ffEZFWlldWnzuy/PHJxfpvBCYj0uJJ10TD89C5fFpfz5+PiPpXC4rjB/Lnxt+WNtfyMwvLlcVhBw8jbkuH/p/5uzTs1gED5/daMLr0fxhd+j+MLv0fRleb/r95GO0A7rx2n/+fDaEdwJ3X0v8t+8EIMf+H0aX/w+jS/2EkrWyOm/9Ivmui+Es9nn7PJqK8IZoxsESkG6IZGzZRvsv7xfDekwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPrpvwAAAP//9gndaw==")
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x1204001, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f})
chdir(&(0x7f00000001c0)='./file0\x00')
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x80, 0x0)
getdents64(r0, &(0x7f0000000f80)=""/4096, 0x1000)

1m21.530708162s ago: executing program 7 (id=1447):
r0 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x4)
r1 = syz_usb_connect(0x3, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f0000100109050b362f"], 0x0)
close(0x3)
syz_open_dev$midi(&(0x7f0000000000), 0x3, 0x88c02)
syz_usb_disconnect(r1)
fcntl$setstatus(r0, 0x4, 0x42000)

1m20.959416642s ago: executing program 7 (id=1454):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x446, &(0x7f0000000080)={[{@stripe={'stripe', 0x3d, 0x2}}, {@journal_dev={'journal_dev', 0x3d, 0x1045}}, {@oldalloc}, {@noquota}, {@data_err_ignore}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@delalloc}, {@errors_continue}, {@orlov}, {@user_xattr}, {@resuid={'resuid', 0x3d, 0xee00}}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r0 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
mount(&(0x7f0000000440)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x1000, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x20c00, 0xc)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x400, 0x0, 0x0, 0x1, 0x0, "ef35af413bb901527fe4d0ce5d29c3ee5e5c3676345a41499db7aac63a01000000000000004faa2ae2c084a0ea0000000000000000000c00002000", "036c47c67808200400000000000000335263bdbcef549ba197fce47ddfdd753abd950100002a00ffffffffffffffff00000000e8f20000000200", "b7326736181c208220000000b9000000000000000000f0fffffffff2ff00", [0x4]})
fallocate(r0, 0x0, 0x0, 0x1000f4)

1m20.49422477s ago: executing program 37 (id=1454):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x446, &(0x7f0000000080)={[{@stripe={'stripe', 0x3d, 0x2}}, {@journal_dev={'journal_dev', 0x3d, 0x1045}}, {@oldalloc}, {@noquota}, {@data_err_ignore}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@delalloc}, {@errors_continue}, {@orlov}, {@user_xattr}, {@resuid={'resuid', 0x3d, 0xee00}}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r0 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
mount(&(0x7f0000000440)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x1000, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x20c00, 0xc)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x400, 0x0, 0x0, 0x1, 0x0, "ef35af413bb901527fe4d0ce5d29c3ee5e5c3676345a41499db7aac63a01000000000000004faa2ae2c084a0ea0000000000000000000c00002000", "036c47c67808200400000000000000335263bdbcef549ba197fce47ddfdd753abd950100002a00ffffffffffffffff00000000e8f20000000200", "b7326736181c208220000000b9000000000000000000f0fffffffff2ff00", [0x4]})
fallocate(r0, 0x0, 0x0, 0x1000f4)

35.272473033s ago: executing program 9 (id=1718):
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='mountinfo\x00')
syz_fuse_handle_req(r0, &(0x7f0000000cc0)="f773091228a43a58c864f1e0366b07de21fe64fbd0bf85a894f8d30ff6cc5256c4d3abd726c119dbebd0ddca6ad62fdbc55f46668ec0858ba96bf6733f0be147e9108ebf89278ca74e07fed107889459c0a5e30616db71c6973818d14e3571c410aef47e6e54ba02e48ec733ebc921795a1f431faeecbc65696ffb9e08760f45650f650d24af651d9986b956d8dd66017f17012f2358b5f69dd63f9aa5fad2ab7ee6df7c99f0b5601e1dab2ed5ca6aa237c52a838d7d51293628dde608fc4ec691b6e2023ff6a6813c505fc81bd0a0de800a5bd701a401ed07139dfa917e524c7d8fd47094122e9acb0382682d0b2adc54ab61c2d9aac6b5b0d50623187e31ca089585dab35411759db09bc44178011883cd0d5ab3fc6f8be3d0e71f083fb911a229995801eeab83581aa5bde0db85ff5c77aa311fdc9f9b4b4de0a96d371b6371ace3923e5557c7e911f522e132bae799ec6d11a43ff7420d4833d306f261ab6636b1f7d250829700456e3aa69bdfa28f24acd27b4df16cf417a7bbb852fe7b50e3841708110ab82af1e1145c542afb83cd7b542c6e310a86cdb76d492955312ae6665c95f36a0683bd12a394d6a45a0f38fcde7d665c4afbb329f3486e1b21af321b3f933d585d885485e6d9448b35e0f8d825365ce26af6cb8fb7466b66491e34b5313019beb3b2934b369daaa16b73734d3f787dcbe3115a3da3804aca82335ac9b20823728a6ee0d292dbcebb103ecdec0d27ae3a3ad5e0040cb78abfddfe16f98397c5f1f910372454722a612a0cc91ea8f709544f22c4e3bd70840745638d83b74197c0b22331e3b107af26097a37c8dd2b91e5156af1a33e06846eb15aa2fe95b6df98bfa7fe28693e0ed082aacb3181b657f81790d4556506f8f2a3753bfbd2949429dc3cd1e11291e82dc3db974a13d88d9cb4242165201f3d9b130c128d057bb9167f12859fbef6de8216d70eec7d3706b9013f9b8f61d8059ab50904b66a32376840d8c3e714bd6ae87640f352ca2b4fa2c1cd83f28d5de889f1454605fdd49c7a7cf1af226895ad6ce6612063d88ae60f5b8af22ef1306f55205152f0e72f2edee901bd89136eebed01475edd572f5a4da8b34bc6db8f29944cc720cf2b03cd2f768a34a81fdd58693fe859edfb2799b3f90cae32b6d2c577dfb9e03ab2bb25a41f53a42c11c89a615bf1c44f5c61084c70882a55fb3039792e9fff127b323c0783c506b6e4b7079cf27f67fdb191256b7c908e1e30a8f72072ac4323337062da5132369135408bf74e1b1f6c1bae332f75291d7a4f4aad4b9f70be298868305486c519434652da2535ff7924324472fb23c84558a5b1578ae94c8805becdb99eba47add535fcb7a72ad9b5d631b824a35d58807ea066bbe53859c50b5adb3508ccb3ae974ee187e40dbfc09a326b06a6004aa81c6c91eadf97ccc77cf9ccf4ed92199d95c2c8d5c965594e306d4e8b78d99d2ab0d282890c9d34639d719488b8d5fd3832a01f1a5f75449f460688e63825421aecef8a43a187739d8b1e14e54c658d57e4cf607430ea530720b3308609b57a9148ad5b921d94b6bb775880d492bb515bbd30caeb4ab8fc8b0c392a6c76dc63ca136d6e76e49a0878ea9577831e7bb3b4e3915b09222d3ccbec1b3dc4b1fd1515f302ba48d15adb9fd7aeb26fe553a60dcf82ff70b6c5d7389c54194e46bf7768584acbc18c7fd7fe0fdb11dd32a322f0ae97b481da34b47d0abc16c6d12f8e9d12db2dee5a1d66d5876bc6e100e02f3a921088947fc1d0a4d8e4e878e92cee18ceb78c7d9bf0204cc515eb8185b985e967134a1400b6a5b945b3ff86f62c2da8fe6dc8628ad36910b863a4b7cc519d853e6e3c6aff4d91862dc8c1364a8559f0c58f88a90ca4bc4a9d1aa2026229d46482819df72902a8d77615042340d758bb49153eb695823d43ef50e10e700a7303a4b798499464f39412a7b2cd7c460717364c595f3711d9ccb710075ae301100ce9f0c5d8b6ccf4f673112e2a7c2b29e56ab556d3e9dc0e777da840e1e304a24227bc9d1ba3c31f2bfc39b6ffe06e7dfc08ffbb799f56c5e9b4ce9120d10bc52d4d105167b30be7d4afa0007c59c3324121568fd4f48778d7b17a1ef117036520d25367253d763dd2f1369ef6562afeaa89dcbdd433ef80f92c41143cfeaf46325f2191b1b29b6a457e0a88e7a54dfede8e186ad4fd4d3eab77136d9e403dda03ddfb24708d648840427087481424d21b25a52922a359129ce109fec903fd33f03ea6176cb7cb64567d08204902acd1f1d0146c7c8ef5ca24d04209f2b55974ed7e11eb081beed06eb03ddb5ae80e3424d52741a5e7c8c89006a62f6ba37a7e39b75566b8d57cb11fd23ff73f7f251bfcfb74336760296a801488f77a8f0a830eb4ca2987be3ce42e2aad2f4a975d95eaf0834fbab05a7e97837c0d49ba31c93b2cd3ea05319ce1d223df3a08fc35d6d99bbc863602bc84d26926241ff70d7715d27d60b201315264f2ee3ed0ee2d1959228d9b388019151580a4a68449fd37cd2c894d749a0a281c4e458f5bfc76189e7c2ae21e318a99792090e7bb8bc73ead76439a4408b2ca49678ed93ececfdaedde0bea7f8df33910ab08518829435e642bad3aa9e373fdeb80c981e8f6f11602a8cb23b25dd718296c698aa602889638041b286c3234ae10d7d0c8ff1fe301735a467475db85fe88d155f4a8ac86937392129141f2784ff559c7dc79f0fc6a43c940fe735d91c74e3975415969548a9d7e996b5d6a0801e09519ab3852e8c5cc23f380be09fb7fd37e0cbc9f540a613aa289cce31fa3ee913e364a8a8fc1490087863222160b6899e32a391e090d41bfc961943d03f7b2f8e49750a04a20f2e2ca2951498e0fa8cf0d33d022d490704015c0a83ffb9f44114e37a386f2c7f940cce802edca5ff4ddeae0666167c2a466aecd919629185f491a210d407ebd09600406178ecc818a7cc4867ff14234efad41453027f6cbc62b4649fea7b227ede841e9816d98636c2a2c950680983d2375233a7dd64dc71c9733f5502ff4016724506ff026ba71df2623446f083df9e6df6e7fb701da63c640f8599e09cd7ea1b818bc34349a051430fe5791df7724eda9eae0adb53ec1e844565abe44063a465bb2ea15fa53342cd1229f0b6092c7d544dd0ffb9cadda6930115a66a5ae892f3661e32eb3ace734f4386da1ed040dfb0155ee3f079ec72a3bd8da69b943250a3d33fdc8f4666d77c680db12e0aacd2ea7adf4b00f86733ed27d3c7d677f6a7b60c3657a599a7a36c88e5c805eb7bc022613b6ed3489ac3217bc25e862973d9b3f2235049452aeeac96f3e40044df6d2dbde64b819bf1ee67c6a03566e1e5c8d123adc7eb0410be047cfecce48a5eaf41a718f5d1b78c17fbb6fbcf003f6b1dba0a00558ae60e6413c271bb0dbf733aedd68eab4f8d884bb46b5fd833dd718e6c4ea58ff44f4137372494ae1c74d2ce3cd66526518a798f095fa804088d18d2695740e930b8d57eb55ade001c1cc9c734b77da57482e024503a1ea9e2a43943a308b5285d622ab623b860603122b41fcc249f224212cfbdc8dbc15e791ea6f51c44154619c98661664b11a34d20ecec388d69f5b32fc674d0ddf2b1365c8709a529b2eb3ba0a0547bdde3adcd272e0a41de9904999fd890b75fed8e60f1f00bc8aac46d8043ff2451541f644f270d9fc65a0b772078b05a6ce60c0df8b2540d89d052fae472867edf3b03a252bfe8e9ca3d2e31c7950851d2e7e7273c0109f2ac002747d277b6c9e6a9bd51d57c59b178a6e329c81c7bf2f5c5d345b2e990093b2e47f79807a62017fcd34efc671c7c6270a1a80f60fba3fbabb48f294ee3b1425b6e8c0fe7b14c31c2b0100d8c5f50349cff1e4e0d3aaee1f4afe10f5c234c1c4ba670111ba0d29694811f3dc242a73a9b042535f3ae8ec5b94240fd091cdfa157e7d27bf26412cdbe54ef55eb5d7183ca5ef0a9f5e81aa6dbf705e3a0d542a7573ec99ae67293970aceb8ca52c9eb5786196cb61947436581745df8a5ca11706001844f581317d43e29fc6eb1d1b011278eb4d77cc6a2e1defabaf87177a162f6269abd97503cc26aa73a18a5954e88692b63e34ba673a6b302ea2a59679ef60094c3db6f3874dab8affd12a7d12c53e77efa807d3ad845b908438b59461da39c072c6ef2fb1889f9a9e39a9256bdc71179c98399e60df6b8224a30e22ffd9010488cbc101ef020ea78a90977fe35586b4140339bffbcf32d81b04f789a195a44f289f44c714e6163afada072871122aaf6f60da967554de66cc4ecbf50aef5d02af874873ae5a36a576eb5dfd749b6168e395ce5817d6275b25d6c6ecdc6d8c4a39fa98f749d6584ec0312bd781a0a14fca35c8b0ac2cdb5a4b15d03966ce40cae66ded0cf7afbc5f1a580bcc596360f9253a70f05ebf3a58ca30b05b6edf4367d988e6dde2cedf37237ebd56da02edcebd9ba841c210ab52bdd869fbf3a783b44670483a012419a50c0114863a97d9f152e63a3ffffc4c83710ef02a3a9c718450f4e8f918c2c551d477a88e91c67bf1337a52f4d680e9607a295feafe09e1a0c5e3c1a18c5390a6a84fa19dbfa2abe421021b471f1e80811a4ba036a9a457fa323b7fa65e666a08f673ca92a02c03d6eba96604f770444b96297307bc23f6a928f0da3d97f522125592c092bb32f97882a59603b268167e970bda981299524929e111e31b3301285cfd9bbbf0263d7e2e19cd42e56920565eb5f45f99455b0851dcefd6d91575ec4e273afaad0f7e831d46a8d5f95244e06febe9d9c76fe2de20e561b11d39a4884d29e68773aa85327279e667884f8d4f965e8b12815076da686c02d17a32bc97de630508b06b091a7fa705bd705a3b5e85975db69d4198f23547686cbd42dfeb495d2c0c2c4c155dd1c8c0522836b271015c8f23a5c129e49c0def56c0fd2a5d010583b4d2849b97dffa9d28dbf783be484de51b8c1facf821d8f6a295caa97f5245c8b3fbe71b47a3390f2c2ab9f6ee41ab082c6ddaed769ddbd9188c970be2843f4fdfe32d3b9242628e3a1d037746b564b4bf6cbc37824444a78605c010a00f2f8abded984e664c63a10cb24e0c1d2d53873d519475651d73e1e228fba31b3165de6572c3f4ca692b73652bb77c423a191d45e90b122e0a66b956302ff7bacccce85e7428d8c574ef3d78884495c95f1416c3f500f5be2c0a70303ee19d4e81c1360db322a0400f311caffe568d07adaf9d6bd6f136f0886db4fc6c2cb956b79064b61afe3abd2ca638c62bf89ba91cfab89aeb6fb4eee6b8a6a321076ed5efbeb369259390e780454eb1666c4fe8366b00765b5639e20827349f4df49c90bf5dd320b36510fedf5c18f59ee14e1a8e436f02506d6c6c3c8c3328eff00bcb66ea3a99f2e9cb20f0efcfb09876f7860ce4294de8c5ce007604031a8dadaa20955701736218a159845f8cc7a485412bebaf653462459380a2cb0900721d570391f8e62869546a610e8478d9536d473945a46d9a89686d1dba43690a5a4dcad2d4fbacd877e38495d4a1696bbf46ae8fc6a764faf7c67101a785d259ac8a6df1c7fbd006e9327e24d8fa4c569a5e37fc047521cf520e2bf11dff07f6c47442db2fe7a94a7b557454363043ad4fb00d2842a16a2b25fcdd5aa38d585600cf81e9d202822c4571a12668cc202ef3af5704337bd134b99c6df8538316c9e423032e4c3b73b1e26571b9890ee5a5f9885321281c1371614b57464647c8d5387dcc9878ba4f9c4f65cb3d34fcde5b5fa1610c28f50ddf5a1ccd682ddf4590adc3d3f98b8f98fcd1845dadfb142dde12116bf36d7b738d930e10c3317a0222914e059370b463611c7e8d37bab1f834ba690c98af9924540256cb073ce89d05715e50cb79948451c8c4fbb07f497e860ed293803689ba1895af65c8d97c276e2cd0e7bdbe50655293462dbe64499184a7b8a89a454e38219b5e979c98badc75513d7a6862e2db939347d9941d906432ae41b67df54c2c92568d847fbaef8773dd466bdaf52bffde53fdc2514ae006e19a9599e0fde9c5772c3b30ce30d8fd5e0f91fdd8c66a8884575adc7d2970321520722ab1ddeaa64aa21855f9263d0b51d2b2df0ab28cd32d709c0984ed7f0ef4ced427e99230553a0b0453b1f6daa0ff63cd7750cbdb5f3373ea044ead7c91acfcfdac09648c06f4520a6766d530b37ad2aea22b50419b26f3a40df01f4970a104df6893d6e0b6b3cf88eac9c3edd9e724c5357283e933173dce77bbf70c99367b68e55cb0a3e16d1696c571b483640c33b9f229d837fd1d303608ea286643ccf46dfbd26d2484c79827c6cf896e4904a1febc39932c76a17606c0a62010932fe29877c00dcf7d65fb006594d8869bbe7f78138a78a125a475da225920235b47ba8bd631815926f7a5c4ff69d61c39b26b078760dbceefaea9aa5f08c97d2e97bd478d014ee739db93824bfa7d3167f789624e5a98873422a0176c8b2a69eb5a01dfdb22ac1cb7f9294df6ac1245d50ec44fbdfaeb145c9bacad2abc7e160993afbad2abcb9c1019cfe0e358d1c44676cf002cf844d83de959c3c3f074bad5ac0326d0ca4864b2fd724beb5338e81fa81fd178e14e267c06189ac51fc6a248398986d25d6791c98d330b37a59b3d9c46f94e6170ec499fb3f27443c185e261761d9fac5fa44bc4912c41f93a642b89d51afa016c87d086a145255e808082a2036ead976bd2b78079f8410dfd8fbd15048e3264f15491204529f6b0e5dd560caa9113f9491433b9ba54dba2fcd648928717a1499582e6acba3dd28364b368a1e16b13a2cdaf13ef8b0d4046f8c2a5f280d538b0efe3297bcc226c17688be16315383fe043a7c51a8bb02497277bb1dcc9a16db9d04dabfb0bf6eb9f408d18266fa45d2fbbe3b18b89d6dc7c5b947b741925ac93991554216773ac5e0dc903d966e8fab10ae2eb22e002aebdea2d800ba75fe33082561b9222997bcfd8d246dcee7c46ba0a12a361880b6c4bbcf966a2ac0600d69d39c6c43c783859e5212dea9944a658c6fcf33df2be59da18f1385d3425bfcafda04071b83539311884d4cc8db5838dd84c3d8355292fee226e5a69c6c9a31f1b5406cebd486ffd050928f3916d748f159436fe37dbef68656842624063833cd1811151e9f05dc5ca63191587f51274b6ba07ad44e104a20dd2fc6d43e0274c35f926b56591cee7670856d5d5194df8bdbf608f77cd8701f0ef26a0e38e4cca58e4cc699065d27eb74bd6f89755779f3b2a73a3a0d0f655755dc7cb91772bbe0b89d360353335e545d8c3133260b2ade1814e2fb4e9bea7db3e30fb62c936544a91170ec2f86e3ae75319da0d873a05dc9f0e14bc709028e11da854a03d3941a51e6f3e0d363528c9d203fa5166d9aba23a49df941d5c902aaa68a3b99a709e9d9e3adc96b581494fd2c7e4605af5891261533ee403218c6901a37dec5e2d65dcfec9449cefef4eb4c4b793f34c9b0187ac1e9302c880149843a66feddfcfe47c5e33eaf1ab1eb0ed48cab980df0fe3e11c46a27d2be9972af5ecef3081f77ffb8640a8f3694085228f7400dbf177931fed7a9fada79fcb76251e5b64087e3e4d4fe0a5b86d7e6ddf47fcd131f68796de8c9e86bd6b08cf54ffdd5e10389e0d2122d72de173535a09defea837a519f96e1e795e6e767a2ea7ebcb44e96a11a2910bfc1b5221012732bca14534a2a97afb0faca2bee78f96b59930e27b7b410b53889a190ba70fd1b5fa4418f8fe6df52457a9f814eab291bd45471c20fdf973c0f75bb052417b69592e83cf8cb34b7b8189c01ade45736c77cfde6f44448b78e02ef376d75fd2f95fb0dd91f9321837777f5f514f083bab481b66639af323383a4d715a0c3a216536c52d3fb3933895e1709b25a84a8637a125a5fede40a90d84218efed8b65c021bffc279a4b30fd0cb390a95d1225862f37df93bc97f1192e725bc38e81ca4a4d59f18afc9d89793d3834e1781a8d5e4d521aa3c34b4335817f0dd88771a31d3336e14645323ad54c728cf1b0fe515602c064b41885ff14ff394d4deef3c5de136fec1a05e3662cf61f29a74e9da23f116585d85d3806d015fc8783c08916546e18c92c737f31a7d35c72b3bea01fd852e7dc6d68f24bc787ef7b7df2c4acff86981597a7dd2aadbf40e26109a10e856a78929e698c308960d999783134d7f5abf90a9ecf67e496818ee42afe66888b41707047ecf3374be56e6be6d878531057d4b16b7ca749ec672842c057868ca4c0f9e69e6d92432d6331c4c32db2a93d50a690a0659d4c9bc6fd75f7201f943c603bf7caed8d218ebcf947ea685c0710c26aa11ec886480983e06b9be0168313de87b0e068f98bd14f2066e3fc3a058c32ca0da2a1b449814755e935ab360b15bc91f5d44e54ba2a8db07d1c3854f6b38efa006263300f2113c6d3481868e08d406545a25a8dc75b01e429853e26747023913298e7b5b174c8dfd4e36a81061ba46beeaa200d6003b9f0cf50caf3d5b06632d25fe7ba91d2a97f7562555a67876e334c642e48e753ce6f12a78329c381a1349cf5d89413d04a6b93c566aa2e335f4f0732567388a9df0b3084d57f6393eaf5c20fd7c3c29981500dfd3573a16ee4bc56836b5c3e75ebdce347e46f3d1247a936df69a259fb35ff4372b774f960aa4e8d84e4ae54caaea634d37d2d4f3a276e15176e1f00a906b2fe6ceaec16cba278d0eacdfac9dbbe5af60c5f923ce670315bbc29ac72e9f848d2c168949d7fae8d19fb86ac5511c36035c6c101063cd5b8b9902f8f51b6de2e59da3e5ddb25eb6e9dcd0a64492da36f8a61c9e2b33dd731f0423fd407048346d5a19fbb84c1d23e34f5e43afb32f3c6b85c550dae394285b233ec5ae2ac8646e2804f2c59e870caf6fae5d6df810bf6bd64562b288af75a5d42478475dd72e81651453558e4f7370cea3def6439ccc1ff644e7d0e9c5c286b8aa1881b5bf641ceef24f557b68bb7532af2139b5a890cddf0b1e26328070a43fe509609fdc6de4dfcf8f2f4a79ada37a05b9a2bcac4df7774a79f6aa569b4dd4cfcd944d64982c13349f5a880baa7b5f20aa55af6077299c6d53e0c6ea063d45d8217d72104012b5d82ec46fde056dfc94e6cc9d61bbd1bf08401d1ee163f3d7f88d3481c0f395765e6653d6678dd73a71d411e0ea02608b226357ead909c8d5643527dcd1e0f0b7a785cf691b59812593bcba54624fa2ad1db9547b78bdfe0d6ba2dbc3298dd0c539260235adb385a00989685705cf3631ae545dfd8e2813d5a2ae507f357ef3ed5dd46a868e04cfca7d01edf77c19c6d4477b9a57c7629dff4afef542d19a1b559e55488a3083ad29b98019bc54cc59299e30aa5cdf96e073ae593f644ca0e7f334b1979d16b436e624747e9c86cd985d126bc7495dc27d010347f7a76266894de2ec5d2c9e460e723b0857313e17a17a6a2ad9983867cb78dc5dd3eec56056fcf4a76acf11af6e74fa9c08dc30df7590fccc00e8e972736397ba8680fd56f2fd3758d628c3c93c4222ded9de6b2341cd49325af64d48de4e1c62dea24b19e82f3ae3cf1212671774b510d2e2c18141b5b0ca54376d311443bf5bea59d9f07cb83767904e644a5cb77830f4f7f92de93dd6498ad091384d8899fea4d539ea6dd9178b07bcb47704e37ce6412ab52e24108c890848f9ae08f3c7bd72362cea73dfd0ffc8b77baab1fb43f9b2247f3c20e1a67839ddb28ba7ebef67abe121c3f55d1b63cf32698e068ed11b514f23b8762d55e6394613bb895b5f6bd256ca0732acb067f916bdce9120dffa8a9473815ccd35b3d622ee25ffb98bbdbd17955a0694cac0a64254ae997a9a15137b7f923f611a1adaea3fb6ef547d5a3be44a14be44202b1679968ded791d3a7632cdf4cd3c762d022cc3109e0b10b62b3e779836756ca3bb65a1c8a7fff871113f1975b556831aaaba1850acf0953383e223d3371ae4753a323dda2ea9298cf94c15abb084f8548672b257225544adb2b5eb8fa348a32a20f15d6873bf5dabde8fd89a76903d6f75e0c57c4d6918a3c3120ba5e5cb955cf224a17bd49bb08212d585ce979199247a40757ab81d9e1fbddbb14f015908a9aee690382cb07557beb1b157f5a3b279615d5b7c64a83d229a87cd16a6d401c06dc84ae286075c4d634e6f91dc7a284bbfc1795acedb1fd43c5c2e8ed6fa237e3d06a69b4fb83aa47a12e4ef83a5c5741d85d8342247d4d979601b66867313b1b8f19f769d13c9fbf6c1b2e272d0b0e875743c138ef0c014e1d8985642b029d35aa073d283da1367e869561913a1a0463cf3cc6c41835dcb60d69f6f71aafeede9bc6987c4a68c9e0fb3c1986433e6e45d23a5b03ec664b00cf6a207a8e7dccf7d493bee9a44331e8c1ed92d5cec7afd206d3a3cb78f213b4d2aa8c1c9b0730d818747ddf1027aeb8684944c5b9696ea935f55b5be94f69bdcecc50186cff82a73de8bd231314d9217b6089b8cd8a292793f1fdec1c5af1a2df89c1e300d2fb93516d56060e08f7e4c50b5f227325d0908677653d64dc5cf838f39e271ad79f0033b6b2a5611d5d1f9bb984e6f7d735c5bf0924d873e20e5869bd6d94d9f0994a78614dec3f36325299d189293dc5a4df8cbad29d1fd7f9b51c1c9e48e2238aaff3243cd346deb4ba8545af524776300f648c6728b0f97d17f7ec45daddd62478890a166e7db997047df69ded08cc4d9d8297259dc4100c88359c880dc855ffd5ef3b0922a5b00dae3daeb70441e15dffb415adafaaafb5f5c03b610a3c9903662c236e23baf01337a669f5e174cca1ec79ad7f3cd8635fdcea958cb67400bd01dd03a845fe820f0e7f19776867f247e9c2536ad2776de00480246ace33002c284d7a8929d1e708da9059212ae6d7da49afb9222c97983529158f69bbdbd8f502daae24aef87d0d8a4085dd0740ad1f33178b52447f43192acab0b9aa777262142ec29befefc95de9637f3cb7dff186af2020378870015feadf7b4bf66959cc81543ae33312e4ae3e9c152a65eb76df86b788d11a8534227a8d7e330ef48f5a1069ce4152bc6b311e4636d480272527fcc60c5c3aebbb513d06246ef52e33e7cca789f106ca53df689353c3a518c6dd4719a073f83ea70e1b37c312d216ef26f806f13ddb40e12e3c8b31ccab1440fcd2a2f2f7766997a610a1ad51108163ab4da30219c9a5a2545b19041bdff4e2569f3c281784ac3982de68af9405d634ea1c8d814d0f15b946a1e2130a2995e2d2330be135f21bf5abeb851c65cc3227aff2ce2d88325436409d725a5523253a722af8360a0dee622adc4690ae49f6c3445d2bc4ae75595874849b54798724a0a9f6161caeb83ad17c2d7325524d9acb94e80c7626458167e624f62e9dbf2c49ea52f8c978481f6fdce7222a4c353d8a77034d7a3e3237d253ce3402553ae63a4519298e96b534bab3aadba3dbae70c07fa06e03f89b711e1deb0e9f4dacbad30374777a2710dec408fb8531acb5d89376c07b5673cac6e361935", 0x2000, &(0x7f0000003ec0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_mount_image$fuse(0x0, &(0x7f0000000040)='./file0\x00', 0x20, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@volatile}, {@userxattr}]})
lseek(r0, 0xba, 0x1)

34.967728758s ago: executing program 9 (id=1722):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-blowfish-asm\x00'}, 0x58)
r1 = accept$alg(r0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ad060000", 0x4)
sendmmsg$inet(r1, &(0x7f0000000580)=[{{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000140)="17", 0x1}, {&(0x7f0000002a40)="0d5ebfd6dfe98a01b2fb5b0eb19a417353a0833d961a98422333bb10a75289", 0x1f}], 0x2, &(0x7f0000003840)=ANY=[@ANYBLOB='@'], 0x40}}], 0x1, 0x715076165a76ad26)
recvmmsg(r1, &(0x7f00000003c0)=[{{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000400)=""/173, 0xad}], 0x1}, 0x5}], 0x1, 0x40002000, 0x0)

33.944155026s ago: executing program 9 (id=1731):
syz_mount_image$exfat(&(0x7f0000000280), &(0x7f00000000c0)='./file2\x00', 0x2200050, &(0x7f0000000000)=ANY=[], 0x1, 0x1516, &(0x7f0000003140)="$eJzs3Am4T+X2OPC13vfdHDJ8k8x7vWvzTYaXJMmQJEOSJCGZE5IkSZLEIVMSkpDxJJlD5nTSMc9D5qSTK0mSkJDk/T+n4e823H/33l/3r9896/M8+znv2nu/a6991vmePTzPOV90HVa9UY0q9ZkZ/h365wH++CURABIAYCAAZAeAAADK5CiTI217Jo2J/9ZBxH9IgxmXuwJxOUn/0zfpf/om/U/fpP/pm/Q/fZP+p2/S//RN+i9EujYr75WypN9F3v//L6f+J5Pl+v/fB/G3q/7RvtL//zb6X9pb+p9uZPi9ldL/9OL3LwHS//RN+p+eBZe7AHGZyec/fZP+C5Gu/envlDecu9zvtGX5FxYhhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEOL/g3P+EgMAP48vd11CCCGEEEIIIYT48/i3LncFQgghhBBCCCGE+M9DUKDBQAAZICMkQCbIDFdAFsgK2SA7xOBKyAFXQU64GnJBbsgDeSEf5IcCEAKBBYYICkIhiMM1UBiuhSJQFIpBcXBQAkrCdVAKrofScAOUgRuhLNwE5aA8VICKcDNUglugMtwKVeA2qArVoDrUgNuhJtwBteBOqA13QR24G+rCPVAP7oX60AAawn3QCO6HxtAEmkIzaA4toOUfzE/K/nvzn4Ee8Cz0hF6QCL2hDzwHfaEf9IcBMBCeh0HwAgyGF2EIDIVh8BIMh5dhBLwCI2EUjIZXYQyMhXEwHibAREiC12ASvA6T4Y37s8JUmAbTYQbMhFnwJsyGOTAX3oJ5MB8WQFKmRbAYlsDbsBTegWR4F5bBe5ACy2EFrIRVsBrWwFpYB+thA2yETbAZtsBW2Abvw3bYATthF+yGPbAXPoB98CHsh48gFT/+F+ef/eV86IaAgAoVGjSYATNgAiZgZsyMWTALZsNsGMMY5sAcmBNzYi7MhXkwD+bDfFgACyAhISNjQSyIcYxjYSyMRbAIFsNi6NBhSSyJpfB6LI2lsQyWwbJYFstheSyPFbEiVsJKWBkrYxWsglWxKlbH6ng73o53YC2shbWxNtbBOlgX62I9rIf1sT42xIbYCBthY2yMTbEpNsfm2BJbYitsha2xNbbFttgO22F7bI8dsAN2xI7YCTthZ+yMXbALdsWu2A2fxqfxGXwGn8VnsRdWVb2xD/bBvtgX++MAHIDP4yB8AV/AF3EIDsVh+BK+hC/jCDyDI3EUjsbRWEmNxXE4HllNxCRMwowwCSfjZJyCU3EqTscZOBNn4SycjXNwDr6F83A+zseFuBAX4xJcgkvxHUzGZFyGZzEFl+MKXImrcDWuwrW4DtfiBtyIG3AzbsatuBXfx/dxB+7AXbgL9+Ae/AA/wA/xQxyCqZiKB/AAHsSDeAgP4WE8jEfwCB7Fo3gMj+FxPI4n8CSewpN4Gk/jGTyL5wDgPJ7HC3gBL+LFtA+/SmOUURlUBpWgElRmlVllUVlUNpVNxVRM5VA5VE6VU+VSuVQelUflU/lUAVVAkSLFKlIFVUEVV3FVWBVWRVQRVUwVU045VVKVVKVUKVValVZl1I2qrLpJlVPlVRtXUVVUlVRbV1ndqqqoKqqqqqaqqxqqhqqpaqpaqpaqrWqrOqqOqqvuUfVUb+yPDVRaZxqpodhYDcOmqplqrlqol/EB1UqNwNaqjWqrHlKjcCS2V61cB/Wo6qjGYSf1uBqPT6guaiJ2VU+pbupp1V09o3qo1q6n6qWmYG/VR03Hvqqf6q8GqNlYTaV1rLp6UQ1RQ9Uw9ZJajC+rEeoVNVKNUqPVq2qMGqvGqfFqgpqoktRrapJ6XU1Wb6gpaqqapqarGWqmmqXeVLPVHDVXvaXmqflqgVqoFqnFaol6Wy1V76hk9a5apt5TKWq5WqFWqlVqtVqj1qp1ar3aoDaqTWqz2qK2qm3qfbVd7VA71S61W+1Re9UHap/6UO1XH6lU9bE6oP6mDqpP1CH1qTqsPlNH1OfqqPpCHVNfquPqK3VCnVSn1NfqtPpGnVFn1Tn1rTqvvlMX1PfqovIKNGqltTY60Bl0Rp2gM+nM+gqdRWfV2XR2HdNX6hz6Kp1TX61z6dw6j8mr8+n8uoAONWmrWUe6oC6k4/oaXVhfq4voorqYLq6dLqFL6ut0KX29Lq1v0GX0jbqsvkmX0+V1BQ/6Zl1J36Ir61t1FX2brqqr6eq6hr5d19R36Fr6Tl1b36Xr6Lt1XX2Prqfv1fV1A91Q36cb6ft1Y91EN9XNdHPdQrfUD+hW+kHdWrfRbfVDup1+WLfXj+gO+lHdUT+mO+nHdWf9hO6in9Rd9VO6m35ad9ff64va6566l07UvXUf/Zzuq/vp/nqAHqif14P0C3qwflEP0UP1MP2SHq5f1iP0K3qkHqVH61f1GD1Wj9Pj9QQ9USfp1/Qk/bqerN/QU/RUPU1P1zP0TN3/p0xz/4n5r//O/ME/HH2r3qbf19v1Dr1T79K79R69V+/V+/Q+vV/v16k6VR/QB/RBfVAf0of0YX1YH9FH9FF9VB/Tx/RxfVyf0Cf1t/prfVp/o8/os/qs/laf1+f1hZ++B2DQKKONMYHJYDKaBJPJZDZXmCwmq8lmspuYudLkMFeZnOZqk8vkNnlMXpPP5DcFTGjIWMMmMgVNIRM315jC5lpTxBQ1xUxx40wJU9Jc9z+e/0f1tTQtTSvTyrQ2rU1b09a0M+1Me9PedDAdTEfT0XQynUxn09l0MV1MV9PVdDPdTHfT3fQwPUxP09MkmkTTxzxn+pp+pr8ZYAaa580gM8gMNoPNEDPEDDPDzHAz3IwwI8xIM9KMNqPNGDPGjDPjzAQzwST57GaSmWQmm8lmiplipg3MbmaYGWaWmWVmm9lmrplr5pl5ZoFZYBaZRWaJWWKWmqUm2SSbZWaZSTHLzXKz0qw0q81qs9asNevNerPRbDSbzWaTYraZbWa72W52mp1mt9lt9pq9Zp/ZZ/ab/SbVpJoD5oA5aA6aQ+aQOWwOmyPmiDlqjppj5pg5bo6bE+aEOWVOmdPmtDljzphz5pw5b86bC+aCuWgupt32BSpQgQlMkCHIECQECUHmIHOQJcgSZAuyBbEgFuQIcgQ5g6uDXEHuIE+QN8gX5A8KBGFAgQ04iIKCQaEgHlwTFA6uDYoERYNiQfHABSWCksF1Qang+qB0cENQJrgxKBvcFJQLygcVgorBzUGl4JagcnBrUCW4LagaVAuqBzWC24OawR1BreDOoHZwV1AnuDuoG9wT1AvuDeoHDYKGwX1Bo+D+oHHQJGgaNAuaBy2Cln9qfu/P5H7Q9Qx7hYlh77BP+FzYN+wX9g8HhAPD58NB4Qvh4PDFcEg4NBwWvhQOD18OR4SvhCPDUeHo8NVwTDg2HBeODyeEE8Ok8LVwUvh6ODl8I5wSTg2nBdPDGeHMcFb4Zjg7nBPODd8K54XzwwXhwnBRuDhE/PFuPDl8N1wWvhemhMvDFeHKcFW4OlwTrg3XhevDDeHGcFO4ucygH3cNt4c7wp3hrnB3uCfcG34Q7gs/DPeHH4Wp4cfhgfBv4cHwk/BQ+Gl4OPwsPBJ+Hh4NvwiPhV+Gx8OvwhPhyUwQfh2eDr8Jz4Rnw3Pht+H58LvwQvh9eDH0aTf3aZd3MmQoA2WgBEqgzJSZslAWykbZKEYxykE5KCflpFyUi/JQHspH+agAFaA0TEwFqSDFKU6FqTAVoSJUjIqRI0clqSSVolJUmkpTGSpDZakslSNLFagC3Uw30y10C91Kt9JtdBtVo2pUg2oQYk2qRbWoNtWmOlSH6lJdqkf1qD7Vp4bUkBpRI2pMjakpNaXm1JxaUktqRa2oNbWmttSW2lE7ak/tqQN1oI7UkTpRJ+pMnakLdaGu1JW6UTfqTt2pB/WgntSTEimR+lAf6kt9qT/1p4E0kAbRIBpMg2kIDaFhNIyG03AaQSNoJI2i0fQqjaGxNI7G0wSaSEmURJNoEk2myTSFptA0mkYzaAbNolk0m2bTXJpL82geLaAFtIgW0RJaQktpKSVTMi2jZZRCKbSCVtAqWkVraA2to3W0gTbQJtpEW2gLbaNttJ22007aSbtpN+2lvbSP9tF+2k+plEoH6AAdpIN0iA7RYTpMR+gIHaWjdIyO0XE6TifoBJ2iU3SaTtMZOkPn6Bydp+/oAn1PF8lTgs1kM9srbBab1Waz2e2v4zw2r81n89sCNrS5bO5fxGStLWKL2mK2uHW2hC1pr/tNXM6WtxVsRXuzrWRvsZVtOZsJ/j6uae+wteydtra9y9awt/8irmPvtnXt/baebWLr22a2oW1hG9n7bWPbxDa1zWxz28K2sw/b9vYR28E+ajvax34TL7Xv2HV2vd1gN9p99kN7zn5rj9ov7Hn7ne1pe9mB9nk7yL5gB9sX7RA79JcxgB1tX7Vj7Fg7zo63E+zE38TT7HQ7w860s+ybdrad85t4iX3bzrPJdoFdaBfZxT/EaTUl23ftMvueTbHL7Qq70q6yq+0au/b/1rrSbrZb7Fa7135gt9sddqfdZXfbPT/Eaeex335kU+3H9oj93B60n9hD9pg9bD/7IU47v2P2S3vcfmVP2JP2lP3anrbf2DP27A/nn3buX9vv7UXrLTCyYs2GA87AGTmBM3FmvoKzcFbOxtk5xldyDr6Kc/LVnItzcx7Oy/k4PxfgkIktM0dckAtxnK/hwnwtF+GiXIyLs+MSXJKv41J8PZfmG7gM38hl+SYux+W5Alfkm7kS38KV+VauwrdxVa7G1bkG3841+Q6uxXdybb6L6/DdXJfv4Xp8L9fnBtyQ7+NGfD835ibclJtxc27BLfkBbsUPcmtuw235IW7HD3N7foQ78KPckR/jTvw4d+YnuAs/yV35Ke7GT3N3foZ78LPck3txIvfmPvwc9+V+3J8H8EB+ngfxCzyYX+QhPJSH8Us8nF/mEfwKj+RRPJpf5TE8lsfxeJ7AEzmJX+NJ/DpP5jd4Ck/laTydZ/BMnsVv8myew3P5LZ7H83kBL+RFvJiX8Nu8lN/hZH6Xl/F7nMLLeQWv5FW8mtfwWl7H63kDb+RNvJm38Fbexu/zdt7BO3kX7+Y9vJc/4H38Ie/njziVP+YD/Dc+yJ/wIf6UD/NnfIQ/56P8BR/jL/k4f8Un+CSf4q/5NH/DZ/gsn+Nv+Tx/xxf4e77IniHCSEU6MlEQZYgyRglRpihzdEWUJcoaZYuyR7HoyihHdFWUM7o6yhXljvJEeaN8Uf6oQBRGFNmIoygqGBWK4tE1UeHo2qhIVDQqFhWPXFQiKhldF5WKro9KRzdEZaIbo7LRTVG5qHxUIaoY3RxVim6JKke3RlWi26KqUbWoelQjuj2qGd0R1YrujGpHd0Wlo7ujutE9Ub3o3qh+1CBqGN0XNYrujxpHTaKmUbOoedQiahk9ELWKHoxaR22ittFDUbvo4ah99EjUIXo06hg9dml70eDHq+mvtidGvSP90xuyO/Wi+OL4kvjb8aXxd+LJ8Xfjy+LvxVPiy+Mr4ivjq+Kr42via+Pr4uvjG+Ib45vim+Nb4lvj3tfICA7THoTBuMBlcBldgsvkMrsrXBaX1WVz2V3MXelyuKtcTne1y+Vyuzwur8vn8rsCLnTkrGMXuYKukIu7a1xhd60r4oq6Yq64c66EK+lauJaupWvlHnStXRvX1j3kHnIPu4fdI+4R96jr6B5zndzjrrN7wnVxT7on3VOum3vadXfPuB7uWdfT9XKJLtH1cX1cX9fX9Xf93UA30A1yg9xgN9gNcUPcMDfMDXfD3Qg3wo10I91oN9qNcWPcODfOTXATXJJLcpPcJDfZTXZT3BQ3zU1zM9wMN8vNcrPdbDfXzXXz3Dy3wC1wi9wit8QtcUvdUpfskt0yt8yluBS3wq1wq9wqt8atcevcOrfBbXCb3Ca3xW1x29w2t91tdzvdTrfb7XZ73V63z+1z+91+l+pS3QF3wB10B90h96k77D5zR9zn7qj7wh1zX7rj7it3wp10p9zX7rT7xp1xZ9059607775zF9z37qLzLin2WmxS7PXY5NgbsSmxqbFpsemxGbGZsVmxN2OzY3Nic2NvxebF5scWxBbGFsUWx5bE3o4tjb0TS469G1sWey+WElseWxFbGVsVWx3zPv/2yBf0hXzcX+ML+2t9EV/UF/PFvfMlfEl/nS/lr/el/Q2+jL/Rl/U3+XK+vK/gm/imvplv7lv4lv4B38o/6Fv7Nr6tf8i38w/79v4R38E/6jv6x3wn/7jv7J/wXfyTvqt/av5PP56+h3/W9/S9fKLv7fv453xf38/39wP8QP+8H+Rf8IP9i36IH+qH+Zf8cP+yH+Ff8SP9KD/av+rH+LF+nB/vJ/iJPsm/5if51/1k/4af4qf6aX66n+Fn+ln+TT/bz/Fz/Vt+np/vF/iFfpFf7Jf4t/1S/45P9u/6Zf49n+KX+xV+pV/lV/s1fq1f59f7DX6j3+Q3+y1+q9/mM8J2v8Pv9Lv8br/H7/Uf+H3+Q7/ff+RT/cf+gP+bP+g/8Yf8p/6w/8wf8Z/7o/4Lf8x/6Y/7r/wJf9Kf8l/70/4bf8af9ef8t/68/85f8N/7i/I3a0IIIYQQ/xT9B9t7/8469dNiAKAPAGTdkffwr3NuyvXjuJ/a1zEGAI/26trg56VBg8TExJ/2TdEQFFoIALFL8zPApXg5tIWHoQO0gVK/W18/VQH5V/mDv9uelj9+I0BmgEw/r0uAH+Jf5b/+H+Rv8vav8/+6/vhCgCKFLs1JO9DP8aX8pf9B/j3t/iB/pk+SAFr/3ZwscCm+lL8kPAiPQYdf7CmEEEIIIYQQQvyonzrf7Y+eb9Oez/OZS3MywqX4j57P/0DlP+MchBBCCCGEEEII8f/2xNPdH3mgQ4c2nf+bBxn/GmX8BQYIAH+BMmTw1x9c7t9MQgghhBBCiD/bpZv+y12JEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgiRfv37/yFM/dM7X+5zFEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIS63/xMAAP//gUVOqg==")
rename(0x0, 0x0)
r0 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
r1 = open(&(0x7f0000000180)='./bus\x00', 0x14113e, 0x6ceac77f206eabb9)
write$binfmt_script(r1, &(0x7f0000000080), 0x208e24b)
write$P9_RVERSION(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1300a12665ffff0f000000060039503230300559"], 0x13)

33.331993846s ago: executing program 9 (id=1735):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/file0\x00', &(0x7f0000000040)='./file0/../file0/file0\x00', 0x0, 0x8b101a, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f00000001c0)='./file0/../file0/file0/../file0\x00', 0xffffffffffffff9c, &(0x7f0000000140)='./file0/../file0/file0\x00', 0x103)

33.10606782s ago: executing program 9 (id=1739):
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
mount$fuseblk(&(0x7f0000002440), &(0x7f0000000040)='./file0\x00', &(0x7f00000003c0), 0x200840d, &(0x7f0000000280)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x2000}})
read$FUSE(r0, &(0x7f0000002480)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000140)={0x50, 0x0, r1, {0x7, 0x2b, 0xd, 0x800000, 0xa, 0x8, 0x3, 0x6, 0x0, 0x0, 0x40, 0xfffffffc}}, 0x50)
umount2(&(0x7f0000000000)='./file0\x00', 0x1)

32.687600898s ago: executing program 9 (id=1743):
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000100)=@nameseq={0x1e, 0x1, 0x3, {0x42, 0x1, 0x4}}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000001600), 0xffffffffffffffff)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f00000000c0)={0x42, 0x1}, 0x10)
sendmsg$TIPC_CMD_SHOW_PORTS(r1, &(0x7f00000016c0)={0x0, 0x0, &(0x7f0000001680)={&(0x7f0000000140)={0x1c, r2, 0x1}, 0x1c}}, 0x0)

32.295711434s ago: executing program 38 (id=1743):
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000100)=@nameseq={0x1e, 0x1, 0x3, {0x42, 0x1, 0x4}}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000001600), 0xffffffffffffffff)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f00000000c0)={0x42, 0x1}, 0x10)
sendmsg$TIPC_CMD_SHOW_PORTS(r1, &(0x7f00000016c0)={0x0, 0x0, &(0x7f0000001680)={&(0x7f0000000140)={0x1c, r2, 0x1}, 0x1c}}, 0x0)

32.049317999s ago: executing program 1 (id=1749):
sendmsg$inet(0xffffffffffffffff, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000001080)=[{&(0x7f0000000040)="a72d11a15c048c0a7d63aebc5cea1f81510ff6091475aeec600831aa9d3944e60bc2ad06a619c560aa0118b28f68f1eb14549d633b4b23f179fb680716faa43414787559be90843c35ab30acad8a6740140e00721abc2eb362f7bde53b3c992d3e28ccc20ec84fdc569947047f6c09a647ee8c0a747b951e66c068ccf1af93ee9e6f9528ff79e2f989383b05a690a6bec4634b867c9446c1c644b3010e8a3514c6328323b4bbdd602b8f0dace6aea70902c4ddd2a2f2810f1348b0d0df3c1e6a5938fcfdc87e7580c6be0c6a06eca62d6f787dd16add086a21391c4c707d8b61929d1252681b84c245e0efafe2e6e73ad86a3cf59235ab0eacbb414af92ec3cdac420a064a98e8cc18bdf63f8997f96436e0fe6f06fdbf47fff353b01a861babd4a38d126bfe3e29049e6cc883e6efae6e70ef9ed124b1b09887a58c991e223b6420dca5ae238027e91b17b1707dc5c0d5f59f0ca95614f1ea1d263c1ee54dfe31ae35eb3c8e3b931dff7920c57fbba89adf2e392c1ad719b90c7ade0d38ff9792934ef1fb12f51d8e2fad12486d5883d5b1a46696fad128c6805cfb25bc6487e1e407d6b266971b09d0d864a7a550284e24b6cdc9f4ae1081a638175dffef002c76ac5558d23e41edbe68f4b4950a13aa000326dae5a857603dc5a40d6c6618a98c7b6e1eebd325ea2c14601a25658965f40864fd015d9b2fff83ee5ed3212ebd9fa429f0140f633556ac07c0c08e67a1848c9942ecc47dd4ffede9a429e9e0472be7cdbcd117e621ddf745c00a814ffff0224634472577dc0b35a9c153409f1a2bddc193b20b4d244d9cbbd59816c46000c596865f58b4e640ed4a9ab6086cede697fb113560925498da83273e679e0e28b84961eb7b9c9b4fa916590965c76b48e5d453f27a821bd2bf0946ff", 0x28e}], 0x1, 0x0, 0x6b}, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000280)={@val={0x1c, 0x800}, @val={0x1, 0x0, 0x0, 0x0, 0x3d}, @mpls={[], @ipv4=@tcp={{0x6, 0x4, 0x0, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x84, 0x0, @empty=0x3fffffff, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x2, 0xb, 0x0, 0x300, 0x0, 0x1c, {[@window={0xe, 0x3}, @timestamp={0x5, 0x2}, @generic={0x0, 0x2, "d58838068b91"}]}}}}}}, 0x4e)

31.254095942s ago: executing program 1 (id=1752):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, 0x0}], 0x1, 0x5b, 0x0, 0x0)
ioctl$KVM_SET_TSC_KHZ_cpu(r2, 0xaea2, 0xfffffffffffffffd)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

30.607639174s ago: executing program 1 (id=1755):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000015c0)=@base={0xa, 0x7, 0xfff, 0x7, 0x40}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_GET_PROG_INFO(0xa, &(0x7f0000000740)={r1, 0x0, 0x0}, 0x10)
setxattr$trusted_overlay_upper(0x0, 0x0, 0x0, 0x841, 0x0)

30.345055779s ago: executing program 1 (id=1758):
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x101c0ca, &(0x7f0000000400)=ANY=[@ANYBLOB="73686f72746e616d653d6d697865642c666d61736b3d30303030303030303030303030303030303030303036362c696f636861727365743d69736f383835392d312c6572726f72733d636f6e74696e75652c756e695f786c6174653d302c696f636861727365743d61736369692c726f6469722c73686f72746e616d653d6d697865642c756e695f786c6174653d302c757466383d302c757466383d302c756e695f786c6174653d312c64656275672c756e695f786c6174653d312c666d61736b3d30303030303030303030303030303030303030303030332c6e6f63617365aec489af6ba9723d4b17106f6d47b9ade1c253d4e3b08066427cae9f41fd1e1dd25a22ec22ad6e8bf6f67e052de91b544f2f4541f87a0c0b36e8d444150b35c110bda57fe7a9c06ba087cc975447082aaf95213301f3e04b70ea67a8aa0d582ca1a9525dba7116d80f126f782a8b878fc79c0be9ad98cb6950995e6edba78e5301e8c8e69cc85beceb8b54f84a84787815ef9a18f1fe1c81b4c1830102f7e3236e2533e486ecb46ee53991c5bfe6289a474582f2e57741fd8de78f42097851bee74d4201c7767e0e0f4b34523150639b1291441ad01f2f72ed3679d7bca0e8b466f1af24647b0d26208ce3f0b420e3e0689f883196af0d0dfe7344f276c1b4bd333882cf7879248ad423e3f21cd0cae2309519f9d40df23cf05d9c8d8f9d07da771ea1e3bcd847"], 0x6, 0x2c0, &(0x7f0000000900)="$eJzs3U9rK1UUAPAz+TOJukgWrkRwQBeuHu+9rZsUeQ/ErnxkoS60+FqQJggtFKri2JVbNy78DILgB3HjNxDcCu6sUBiZyaRJ2pg2palof79Fe3vnnLlnboZ2WujJx6+O959nsXfy5a/R7SbRGMQgTpPoRyOmvo4Fg28DAPgvOy2K+KOYWCcviYju5soCADboej//W7PhT3dSFgCwQc/e/+Ddre3tJ+9lWTeejr85Gpa/2ZefJ8e39uLTGMVuPIxenEVUDwrtqJ4WyuHToijyVlbqxxvj/GhYZo4/+rk+/9bv9R8LSv3q4/nTRpX/zvaTR9nEXH5e1vFivf6gXP9x9OLl8+SF/MdL8mOYxpuvz9X/IHrxyyfxWYzieVXELP+rR1n2dvHdn198WJZX5if50bBTxc0UzTt8WQAAAAAAAAAAAAAAAAAAAAAA+J97UPfO6UTVv6ecqvvvNM/KL9qRTfUX+/NM8qetfRb6AxVFkVftcib9dR5mWVbUgbP8VrzSmm8sCAAAAAAAAAAAAAAAAAAAAPfX4fHn+zuj0e7BrQym3QBaEfHXs4ibnmcwN/NarA7u1GvujEaNergY05qfieY0JolYWUZ5Ebe0LVcNXrhUcz344cd1T9i9Oqa9fK3D4+ZNX6/84sz07trfSZbvYSemM9160e/TiFlMGtdcPf2nQ0Wsc/ulSw/11t6N9KVqkK+IiWRVYW/9Ntm5eia5eBVptatL09v1YC79wr1xrfs5upP0y98rEt06AAAAAAAAAAAAAAAAAABgo2b//bvk4MnK1EbR2VhZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCnZu//v8Ygj4h2fYIrgtM4OPyXLxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB74O8AAAD//0aWVl0=")
creat(&(0x7f0000000300)='./bus\x00', 0x110)
mount(&(0x7f0000000440)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x400, 0x0, 0x0, 0x1, 0x0, "ef35af413bb901527fe4d0ce5d29c3ee5e5c3676345a41499db7aac63a01000000000000004faa2ae2c084a0ea0000000000000000000c00002000", "036c47c67808200400000000000000335263bdbcef549ba197fce47ddfdd753abd950100002a00ffffffffffffffff00000000e8f20000000200", "b7326736181c208220000000b9000000000000000000f0fffffffff2ff00", [0x4]})
syz_mount_image$fuse(0x0, &(0x7f00000003c0)='./file0\x00', 0x1200000, 0x0, 0x1, 0x0, 0x0)

29.771048739s ago: executing program 1 (id=1762):
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = epoll_create1(0x80000)
r1 = signalfd4(0xffffffffffffffff, &(0x7f00000000c0)={[0x4]}, 0x8, 0x800)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000100)={0xc000000b})
epoll_pwait2(r0, &(0x7f0000000540)=[{}], 0x1, 0x0, 0x0, 0x0)
signalfd4(r1, &(0x7f0000000140)={[0xfffffffffffffff9]}, 0x8, 0x0)

28.799833676s ago: executing program 1 (id=1769):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$binfmt_aout(r0, &(0x7f0000000340)=ANY=[], 0xff2e)
ioctl$TCXONC(r0, 0x540a, 0x0)
ioctl$TCXONC(r0, 0x540a, 0x2)
ioctl$TCXONC(r0, 0x540a, 0x1)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100))

27.97563144s ago: executing program 39 (id=1769):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$binfmt_aout(r0, &(0x7f0000000340)=ANY=[], 0xff2e)
ioctl$TCXONC(r0, 0x540a, 0x0)
ioctl$TCXONC(r0, 0x540a, 0x2)
ioctl$TCXONC(r0, 0x540a, 0x1)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100))

3.723956535s ago: executing program 2 (id=1871):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_mount_image$hfsplus(&(0x7f0000000040), &(0x7f0000000100)='./bus\x00', 0x2000010, &(0x7f0000000000)=ANY=[@ANYRES16=0x0, @ANYRES32], 0x0, 0x6d8, &(0x7f0000000140)="$eJzs3c1vHGcdB/DvrNdvoUrdNk0jKKqVSIAUkdixUggXAkIohwpV5cDZSpzGyiapHAelFaIpVHBC4tA/oCD5xgkJiWNQOJcTvfpYCYlLxCFCqoxmdna9Xu/Wayex4/L5VON5Zp+X+c1vnpnprmNtgP9bl06neT9FLp1+4265vb620FpfW5isq1tJyvJzSTNJI0lxMykeJBfL+iLJVL1ub384eD8fLV9469OH65+1t5r1UvVr9PQfxYC29+ols0nG6vV246PuYst4l9vH32eib3tq2FhbGpZJO9U5eDhoG9vc20333Vy3wDOm83Qq2s/NbWaSI1Xh+fZ2fXdo7E90ezP0UdxjV3c5AAAAOKQ+uXXQEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDhU3//f1EvjXqd2RRH6q/Un+i8VpcPtfsHHQAAAAAAAAAAPAGvPcqj3M3RzvZGUf3O/2S1cSz/3Ui+kju5naWs5EzuZjGrWc1K5pPM9Aw0cXdxdXVlvtuzNLjnuYE9z+3XEQMAAAAAAADAl9Kvcmnz9/8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPAsKJKx9qpajnXKM2k028VMlD/uJf/olA+JYtCL9/c/DgAAAHgsU3vo8/yjPMrdHP3nX9vbG0X1nv949X55KndyM6tZzmpaWcqV+j10+a6/sb620FpfW7hRLtvH/cG/u8WB77v7VCOm+uzhzteqQ+nf84mqxXSuZrl65UwuVwNfSaPqWTrRiWdwXB+UMRXfr42YoGad1nJnv6/WkyP23K3dfhQxUwaXdDMyV2e6kYwnKTNQVB/UlOXXtnTtOTuDNfv3lEbG3+/saT6N7ic/x55Czo/U6/J4fjPiDNofdSZytZEqE+d6Zt/xL85E8s2//Oln11o3r1+7evv0s3NIOxgb8no3E/WcWOjJxCuHOhPNXbafqzLxcnf7Un6cn+Z0ZvNmVrKcn2cxq1nKRl2/WM/n8ufMoEx9vrFRt724ZUdv7hTJRH1e2udsh5gaZUyz+VEV3WJOVn2PZjlFbuVKlvJ69d+5zOc7OZ/zudBzhl8eeoarY6uu+sbmVb+xWZXkbwODP/WtujCd5Lf1elsO+gybnU/A5+k+Usu8vtCT1/asf9ht+kLPdTDXk6UXy8wMfyrv5d7Y/GpdKPfx63r9bJipM1FeQJ2nRCe6l9rzpFk/l/rvCH+oJsjt1s3rK9cW3xky/r2+7c4TqJxWa18fNcrx0Q9oz8rIXsxUfSfZOjvKupe6d5neuvmq7li3rrGt7uWqrig6V+pPhl6pE8ns8YEjnatGemVg3UJVd6Knbsv/b+VWWrmyD/kD4DHN5MjE9L+mP5n+ePrD6WvTb0z9cPK7k69OZPzv499rzo19o/Fq8ed8nF/m6EFHCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXwa3333v+mKrtbQyuNAYXrVDYaeR+wpF/YU+e9rX1sLk43UfWng4lYzceCp9jcfLF55OYF9QmO4PY1th4/1k/+KpC52vcBrc5ndloZlRBry4U5sPRohncp9PyrNVGMvgCXDANybgqTu7euOds7fffe/byzcW3156e+nm+PnzF+YunH994ezV5dbSXPvnQUcJPA2bD/2DjgQAAAAAAAAAAAAY1aA/DDj53C7+0GX433j4l4UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAE3HpdJr3U2R+7sxcub2+ttAql055s2UzSaORFL9IigfJxbSXzPQMV+SPD7IxYD8fLV9469OH659tjtVst08a9fox3KuXzCYZSwaGsNfxLtfrvSv+0znCMmGnOomDg/a/AAAA//96SPmM")
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = dup(r2)
ioctl$KVM_SET_CPUID2(r3, 0x4008ae90, &(0x7f0000000000)=ANY=[@ANYBLOB="02000000000000030100000000000000000000000000000000000000760f00000000000000000000000000000000000007"])

3.132975575s ago: executing program 2 (id=1873):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f00000009c0)=ANY=[@ANYBLOB="180000000000000000000000ffffff7f18110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000060000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='signal_generate\x00', r1}, 0x10)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)

2.87792841s ago: executing program 2 (id=1875):
syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b0000000904000002"], 0x0)
r0 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x2)
r1 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000040), 0x8002)
write$binfmt_aout(r1, &(0x7f0000000380)=ANY=[@ANYBLOB="03070000b5"], 0xc8)
write$binfmt_aout(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="03040000b500000001008aea0000feff"], 0xc8)
dup3(r1, r0, 0x0)

2.474009817s ago: executing program 8 (id=1880):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x800810, &(0x7f0000000180)={[{@nobh}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4}}]}, 0xff, 0x23f, &(0x7f0000000540)="$eJzs3T1oLFUYBuB3Zne95t5FrtoI4g+IiAbCtRNsYqMQkBBEBBUiIjZKIsQEu8TKxkJrlVQ2QeyMlpIm2CiCVdQUsRE0WBgstFiZnURisuLPxh1xngdmZ2b3nPnOMPOe3WbYAK11Nclskk6S6SS9JMXpBnfWy9Xj3c2p3cVkMHjsh2LYrt6vnfS7kmQjyQNJdsoiL3STte2nDn7ae+Se11d7d7+7/eTURE/y2OHB/qNH78y/9sHc/WufffHdfJHZ9H93XhevGPFet0hu+jeK/UcU3aZHwF+x8Mr7X1a5vznJXcP891KmvnhvrFy308t9b/9R3ze///zWSY4VuHiDQa/6DtwYAK1TJumnKGeS1NtlOTNT/4b/qnO5fHF55eXp55dXl55reqYCLko/2X/4o0sfXjmT/287df6B/68q/48vbH1dbR91mh4NMBG31asq/9PPrN8b+YfWkX9oL/mH9pJ/aC/5h/aSf2gv+Yf2kn9oL/mH9pJ/aK/T+QcA2mVwqeknkIGmND3/AAAAAAAAAAAAAAAAAAAA521O7S6eLJOq+clbyeFDSbqj6neG/0ecXD98vfxjUTX7TVF3G8vTd4x5gDG91/DT1zd802z9T29vtv76UrLxapJr3e75+684vv/+uRv/5PPes2MW+JuKM/sPPjHZ+mf9stVs/bm95ONq/rk2av4pc8twPXr+6VfXb8z6L/085gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYmF8DAAD//xFQbUc=")
r0 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x2001)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x42, 0x0)
ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(r2, 0x8004587d, &(0x7f00000000c0)={@id={0x2, 0x0, @auto="03000000512511c5dd1d3d1c69342b6b"}})
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0xb, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "f4bd000000801900", [0x0, 0x2000000000001]}})

2.156772382s ago: executing program 8 (id=1883):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
write$binfmt_elf64(r0, &(0x7f0000000400)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x3e, 0x6, 0x0, 0x40, 0x0, 0x9, 0x0, 0x38, 0x1, 0x40}, [{0x3, 0x4, 0xb, 0x8, 0x0, 0x4, 0x4, 0xebdc}]}, 0x78)
r1 = inotify_init1(0x0)
inotify_add_watch(r1, &(0x7f0000000140)='.\x00', 0x40000022)
close(r0)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x0)

2.155899202s ago: executing program 5 (id=1884):
syz_mount_image$exfat(&(0x7f0000000240), &(0x7f0000000100)='./file1\x00', 0x3000cd0, &(0x7f0000000140)=ANY=[], 0x1, 0x1519, &(0x7f00000023c0)="$eJzs3Au0TuX2MPA5n+dZbHJ5k9zXfObiTS4PSRJKkkuSJCG5JyRJkiSJTUgSkpDrTnLdIfe003a/X3JP2jmSJAkJCc83tupzOqdG/3P5f8539vyNsYZnvmvN+c5ljne/a60x9v6m27AajWtWbcDM8M/Qvy7w538SASABAAYCQE4ACACgXK5yudL3Z9GY+E+9ifhf0nDGle5AXEky/4xN5p+xyfwzNpl/xibzz9hk/hmbzD9jk/kLkaEl579atoy7yfP//8+pfyVZvv8zBPyjHTL//zb6Hzpa5p+xyfwzNpl/xibzz3gu34IFV7QPceXJ5z9jk/kLkaH9258prz97pZ9py/YPbEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghxP8DZ/1lBgB+XV/pvoQQQgghhBBCCPHv49+70h0IIYQQQgghhBDifx+CAg0GAsgEmSEBskBWuAqyQXbIATkhBldDLrgGcsO1kAfyQj7IDwWgIBSCEAgsMERQGIpAHK6DonA9FIPiUAJKgoNSUBpugDJwI5SFm6Ac3Azl4RaoABUvvWe626EK3AFV4U6oBtWhBtSEu6AW3A214R6oA/dCXbgP6sH9UB8egAbQEBrBg9AYHoIm0BSaQXNoAS2h1Z/kJ+X8vfznoSe8AL2gNyRCH+gLL0I/6A8D4CUYCC/DIHgFBsOrMASGwjB4DYbD6zAC3oCRMApGw5swBsbCOBgPE2AiJMFbMAnehsnwzkPZYSpMg+kwA2ZCMrwLs2A2zIH3YC7Mg/mQlGUhLILF8D4sgQ8gBT6EpfARpMIyWA4rYCWsgtWwBtbCOlgPG2AjbILNsAW2wsewDbbDDtgJu2A37IFPYC98CvvgM0jDz//B/DO/zYfuCAioUKFBg5kwEyZgAmbFrJgNs2EOzIExjGEuzIW5MTfmwTyYD/NhIhbAQlgICQkZGQtjYYxjHItiUSyGxbAElkCHDktjaSyDF7z3ZbEclsPyWB4rYEWsiLfirVgZK2MVrIJVsSpWw2pYA2vgXXgX3o21sTbWwTpYF+tiPayH9bE+NsAG2AgbYWNsjE2wCTbDZtgCW2ArbIWtsTW2wTbYDtthe2yPHbADdsSO2Ak7YWfsjF2wC3bFrtgNu2F3fA6fw+fxeXwBX8DeWE31wb7YF/thPxyAL+FL+DIOwlfwFXwVh+BQHIav4Wv4Oo7A0zgSR+FoHI2V1Vgch+OR1URMwiTMDJNwMk7GKTgVp+J0nIEzMRmTcRbOxtn4Hs7FeTgPF+ACXISLcTEuwQ8wBVNwKZ7BVFyGy3EFrsRVuBLX4Fpcg+txA67HTbgJt+AW/Bg/xu24HXfiTtyNu/ET/AQ/xU9xCKZhGu7H/XgAD+BBPIiH8BAexsN4BI/gUTyKx/AYHscTeBJP4Ck8hafxDJ4FgHN4Ds/jebyIF9M//CqdUUZlUplUgkpQWVVWlU1lUzlUDhVTMZVL5VK5VW6VR+VR+VQ+VUAVUIVUIUWKFKtIFVaFVVzFVVFVVBVTxVQJVUI55VRpVVqVUWVUWVVWlVM3q/LqFlVBVVRt3a3qVlVZtXNV1B2qqqqqqqnqqoaqqWqqWqqWqq1qqzqqjqqr6qp66n5VX/XBAdhQpU+msRqKTdQwbKaaqxaqpXodH1at1Qhso9qqdupRNQpHYgfV2nVUT6hOahx2Vk+p8fi06qomYjf1rOqunlM91POqp2rjeqneagr2UX3VdOyn+qsB6iU1C6ur9InVUK+q5zMPVcPUa2oRvq5GqDfUSDVKjVZvqjFqrBqnxqsJaqJKUm+pSeptNVm9o6aoqWqamq5mqJkqWb2rZqnZao56T81V8zSoBWqhWqQWq/fVEvWBSlEfqqXqI5WqlqnlaoVaqVap1WqNWqvWqfVqg9qoNqnNaovaqj5W29R2tUPtVLvUbrVHfaL2qk/VPvWZSlOfq/3qL+qA+kIdVF+qQ+ordVh9rY6ob9RR9a06pr5Tx9UJdVJ9r06pH9RpdUadVT+qc+ondV5dUBeVV6BRK6210YHOpDPrBJ1FZ9VX6Ww6u86hc+qYvlrn0tfo3PpanUfn1flMfl1AF9SFdKhJW8060oV1ER3X1+mi+npdTBfXJXRJ7XQpXVrfoMvoG3VZfZMup2/W5fUtuoKuqCt50Lfpyvp2XUXfoavqO3U1XV3X0DX1XbqWvlvX1vfoOvpeXVffp+vp+3V9/YBuoBvqRvpB3Vg/pJvoprqZbq5b6Ja6lX5Yt9aP6Da6rW6nH9Xt9WO6g35cd9RP6E76Sd1ZP6W76Kd1V/2M7qaf1d31c7qHvqAvaq976d46UffRffWLup/urwfol/RA/bIepF/Rg/Wreogeqofp1/Rw/boeod/QI/UoPVq/qcfosXqcHq8n6Ik6Sb+lJ+m39WT9jp6ip+pperqeoWfqAb9UmvM/yH/7d/IHX3r3LXqr/lhv09v1Dr1T79K79R69R+/Ve/U+vU+n6TS9X+/XB/QBfVAf1If0IX1YH9ZH9BF9VB/Vx/QxfVyf0D/q7/Up/YM+rc/oM/pHfU6f0+d/+T8Ag0YZbYwJTCaT2SSYLCarucpkM9lNDpPTxMzVJpe5xuQ215o8Jq/JZ/KbAqagKWRCQ8YaNpEpbIqYuLnOFDXXm2KmuClhShpnSpnS5oZ/Of/P+mtlWpnWprVpY9qYdqadaW/amw6mg+loOppOppPpbDqbLqaL6Wq6mm6mm+luupsepofpaXqaXqaXSTSJpq950fQz/c0A85IZaF42g8wgM9gMNkPMEDPMDDPDzXAzwowwI81IM9qMNmPMGDPOjDMTzAST5HOaSWaSmWwmmylmipk2MKeZYWaYZJNsZplZZo6ZY+aauWa+mW8WmoVmsVlslpglJsWkmKVmqUk1y8wys8KsMKvMKrPGrDHrzDqzwWwwm8wmk2q2mq1mm9lmdpgdZpfZZfaYPWav2Wv2mX0mzaSZ/Wa/OWAOmIPmoDlkDpnD5rA5Yo6Yo+aoOWaOmePmuDlpTppT5pQ5bU6bs+asOWfOmfPmvLloLqZf9gUqUIEJTJApyBQkBAlB1iBrkC3IFuQIcgSxIBbkCnIFuYNrgzxB3iBfkD8oEBQMCgVhQIENOIiCwkGRIB5cFxQNrg+KBcWDEkHJwAWlgtLBDUGZ4MagbHBTUC64OSgf3BJUCCoGlYJbg9uCysHtQZXgjqBqcGdQLage1AhqBncFtYK7g9rBPUGd4N6gbnBfUC+4P6gfPBA0CBoGjYIHg8bBQ0GToGnQLGgetAhaBq3+rfW9P533Edcr7B0mhn3CvuGLYb+wfzggfCkcGL4cDgpfCQeHr4ZDwqHhsPC1cHj4ejgifCMcGY4KR4dvhmPCseG4cHw4IZwYJoVvhZPCt8PJ4TvhlHBqOC2YHs4IZ4bJ4bvhrHB2OCd8L5wbzgvnhwvCheGiEH++JIaU8MNwafhRmBouC5eHK8KV4apwdbgmXBuuC9eHG8KN4aZyg34+NNwWbg93hDvDXeHucE/4Sbg3/DTcF34WpoWfh/vDv4QHwi/Cg+GX4aHwq/Bw+HV4JPwmPBp+Gx4LvwuPhyfCk+H34anwh/B0eCY8G/4Yngt/Cs+HF8KLoU+/uE//eidDhjJRJkqgBMpKWSkbZaMclINiFKNclItyU27KQ3koH+WjAlSACmUuROmYmApTYYpTnIpSUSpGxagElSBHjkpTaSpDZagslaVyVI7KU3mqQBWoElWi2+g2up1upzvoDrqT7qTqVJ1qUk2qRbWoNtWmOlSH6lJdqkf1qD7VpwbUgBpRI2pMjakJNaFm1IxaUAtqRa2oNbWmNtSG2lE7ak/tqQN1oI7UkTpRJ+pMnakLdaGu1JW6UTfqTt2pB/WgntSTelEvSqRE6kt9qR/1owE0gAbSQBpEg2gwDaYhNISG0TAaTsNpBI2gkTSKRtObNIbG0jgaTxNoIiVREk2iSTSZJtMUmkLTaBrNoBmUTMk0i2bRHJpDc2kuzaf5tJAW0mJaTEtoCaVQCi2lpZRKqbScltNKWkmraTWtpbW0ntbTRtpIm2kzbaWttI220Q7aQbtoF+2hPbSX9tI+2kdplEb7aT8doAN0kA7SITpEh+kwHaEjdJSO0jE6RsfpOJ2kk3SKTtFpOk1n6Sydo5/oPF2gi+QpwWaxWe1VNpvNbnPYnPZv43w2vy1gC9pCNrR5bN7fxGStLWaL2xK2pHW2lC1tb/i7uIKtaCvZW+1ttrK93VaxFWwW+Ou4lr3b1rb32Dr2XlvT3vWbuK69z9azD9n6tqltYJvbRralbWwfsk1sU9vMNrctbEvb3j5mO9jHbUf7REIn++RfxzY9XmI/sGvtOrvebrB77af2rP3RHrHf2HP2J9vL9rYD7ct2kH3FDrav2iF26G9jADvavmnH2LF2nB1vJ9iJfxdPs9PtDDvTJtt37Sw7++/ixfZ9O9em2Pl2gV1oF12K03tKsR/apfYjm2qX2eV2hV1pV9nVds3/7XWF3WQ32y12j/3EbrPb7Q670+6yuy/F6eexz35m0+zn9rD92h6wX9iD9qg9ZL+6FKef31H7rT1mv7PH7Yk+YL+3p+wP9rQ9c+n808/9e3vBXrTeAiMr1mw44EycmRM4C2flqzgbZ+ccnJNjfDXn4ms4N1/LeTgv5+P8XIALciEOmdgyc8SFuQjH+TouytdzMS7OJbgkOy7FpfkGLsM3clm+icvxzVyeb+EKXJEr8a18G1fm27kK38FV+U6uxtW5Btfku7gW3821+R6uw/dyXb6P6/H9XJ8f4AbckBvxg9yYH+Im3JSbcXNuwS25FT/MrfkRbsNtuR0/yu35Me7Aj3NHfoI78ZPcmZ/iLvw0d+VnuBs/y935Oe7Bz3NPfoF7cW9O5D7cl1/kftyfB/BLPJBf5kH8Cg/mV3kID+Vh/BoP59d5BL/BI3kUj+Y3eQyP5XE8nifwRE7it3gSv82T+R2ewlN5Gk/nGTyTk/ldnsWzeQ6/x3N5Hs/nBbyQF/Fifp+X8Aecwh/yUv6IU3kZL+cVvJJX8Wpew2t5Ha/nDbyRN/Fm3sJb+WPextt5B+/kXbyb9/AnvJc/5X38Gafx57yf/8IH+As+yF/yIf6KD/PXfIS/4aP8LR/j7/g4n+CT/D2f4h/4NJ/hs/wjn+Of+Dxf4IvsGSKMVKQjEwVRpihzlBBlibJGV0XZouxRjihnFIuujnJF10S5o2ujPFHeKF+UPyoQFYwKRWFEkY04iqLCUZEoHl0XFY2uj4pFxaMSUcnIRaWi0tENUZnoxqhsdFNULro5Kh/dElWIKkaVoluj26LK0e1RleiOqGp0Z1Qtqh7ViGpGd0W1oruj2tE9UZ3o3qhsdF9UL7o/qh89EDWIGkaNogejxtFDUZOoadQsah61iFpGraKHo9bRI1GbqG3ULno0ah89FnWIHo86Rk9EnaInL+8vHvz8bfo3+xOjPpH+5QnZPXphfFF8cfz9+JL4B/GU+IfxpfGP4qnxZfHl8RXxlfFV8dXxNfG18XXx9fEN8Y3xTfHN8S1x72tmBofpN8JgXOAyucwuwWVxWd1VLpvL7nK4nC7mrna53DUut7vW5XF5XT6X3xVwBV0hFzpy1rGLXGFXxMXdda6ou94Vc8VdCVfSOVfKlXYtXSvXyrV2j7g2rq1r5x51j7rH3GPu8YRfGned3VOui3vadXXPuGfcs667e871cM+7nu4F18v1doku0fV1fV0/188NcAPcQDfQDXKD3GA32A1xQ9wwN8wNd8PdCDfCjXQj3Wg32o1xY9w4N85NcBNckktyk9wkN9lNdlPcFDfNTXMz3AyX7JLdLDfLzXFz3Fw31813891Ct9AtdovdErfEpbgUt9Qtdaku1S13y91Kt9KtdqvdWrfWrXfr3Ua30W12m91Wt9Vtc9vcDrfD7XK73B63x+11e90+t8+luTS33+13B9wBd9B96Q65r9xh97U74r5xR9237pj7zh13J9xJ5/Up94M77c64s+5Hd8795M67C+6i8y4p9lZsUuzt2OTYO7EpsamxabHpsRmxmbHk2LuxWbHZsTmx92JzY/Ni82MLYgtji2KLY+/HlsQ+iKXEPowtjX0US40tiy2PrYitjK2KeV9wW+QL+yI+7q/zRf31vpgv7kv4kt75Ur60v8GX8Tf6sv4mX87f7Mv7W3wFX9FX8k19M9/ct/AtfSv/sG/tH/FtfFvfzj/q2/vHfAf/uO/on/Cd/JO+s3/Kd/FP+67+Gd/NPzvvlyn7nv4F38v39om+j+/rX/T9fH8/wAd+oH/ZD/Kv+MH+VT/ED/XD/Gt+uH/dj/Bv+JF+lB/t3/Rj/Fg/zo/3E/xEn+Tf8pP8236yf8dP8VP9ND/dz/AzfbJ/18/ys/0c/56f6+f5+X6BX+gX+cX+fb/Ef+BT/Id+qf/Ip/plfrlf4Vf6VX61X+PX+nV+vd/gN/pNfrPf4rf6j/02v93v8Dv9Lr/b7/Gf+L3+U7/Pf+bT/Od+v/+LP+C/8Af9l/6Q/8of9l/7I/4bf9R/64/57/xxf8Kf9N/7U/4Hf9qf8Wf9j/6c/8mf9xf8RfmdNSGEEEKI/xH9J/v7/M5r6pctXV8AyL49/6G/rbkxz8/r/mpvpxgAPNG7W8NftkzQMDEx8ZdjUzUERRYAQOxyfia4HC+DdvAYdIS2UOZ3++uvKl267vur+g0b/k39+M0AWQGy/JqTfnv0a3y5/o1/UL/p+/yH9ZdBqkaILwAoVuRyTnrhX+PL9cv+Qf3d7f+4/qX+s3yRBNDmr3KyweX4cv3S8Ag8CR1/c6QQQgghhBBCCPGz/upc9z+5/7x0f17A/Dbv1/jP7s//RJV/tX8hhBBCCCGEEEL8uaef6/H4wx07tu3y37zI/J/Rxn/AAgHgP6CN31tk+U9tLIMurvRPJiGEEEIIIcS/2+WL/ivdiRBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIkXH9838hTP32lQQA+IODr/Q5CiGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEFfa/wkAAP//LqFRhw==")
syz_mount_image$exfat(0x0, &(0x7f0000000100)='./bus\x00', 0x4800, 0x0, 0x0, 0x0, &(0x7f0000000240))
chdir(&(0x7f00000003c0)='./bus\x00')
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
r0 = open(&(0x7f00000000c0)='.\x00', 0x8000, 0x50)
getdents(r0, &(0x7f0000001fc0)=""/184, 0xb8)

1.905457368s ago: executing program 8 (id=1886):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000000040))
close_range(r0, 0xffffffffffffffff, 0x0)

1.792275079s ago: executing program 5 (id=1889):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380))
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x42002)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue1\x00'})
write$sndseq(r0, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000140)={0x16f, @tick=0x7})

1.533685094s ago: executing program 8 (id=1892):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x5, 0x0, 0x1}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r1}, 0xc)

1.452070565s ago: executing program 2 (id=1893):
r0 = socket$inet6(0xa, 0x80002, 0x88)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x10000000004e20, 0x0, @mcast2, 0x6}, 0x1c)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0)
setsockopt$inet6_udp_int(r0, 0x11, 0xb, &(0x7f0000001800)=0x8000, 0x4)
setsockopt$inet6_udp_encap(r0, 0x11, 0x64, &(0x7f0000000080)=0x3, 0x4)
syz_emit_ethernet(0x83, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaf9ff030486dd601b8b97004d88c19e9ace5ffb2e9fc603dd282100000002ff02000000000000000000000000000104004e20004db0"], 0x0)

1.414429106s ago: executing program 3 (id=1895):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="1400000042000501"], 0x14}, 0x1, 0x0, 0x0, 0x68840}, 0x4)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000014c0)=@newqdisc={0x34, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x0, 0xa}}, [@TCA_INGRESS_BLOCK={0x8, 0xd, 0x8}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0xa2f5}]}, 0x34}}, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r1, &(0x7f00000002c0), 0x40000000000009f, 0x0)
recvmmsg(r0, &(0x7f0000000000)=[{{0x0, 0x140, &(0x7f00000002c0)=[{&(0x7f00000004c0)=""/4091, 0x10e0}, {&(0x7f0000001580)=""/238, 0xf0}], 0x4, 0x0, 0x353}}], 0x40000000000002e, 0x2, 0x0)

1.280375898s ago: executing program 5 (id=1896):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x7a, 0x0, 0x0, 0x41000, 0x44, '\x00', 0x0, @cgroup_sysctl=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x18)
r2 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000080)='.\x00\x00\x00', 0x4}], 0x1, 0x0, 0x0, 0x39c}, 0x0)

1.280003748s ago: executing program 8 (id=1897):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000001240)='./file0\x00', 0x10, &(0x7f0000000a80)=ANY=[@ANYBLOB="00e789da34e04a1ffbc2f05cefeb4ee6d5ae1071124b2c2fb684f5c7ac05000000c7880f67e775c748f6381a3e01e7f93330b30b90bbb4d2b697899a16f2df4fa2a8f06ac2c5352ddcae2b83672ef3d9f532e55f4e798924ac6332751e737383f6890d2dcfcbdbd41940a64c7b4374674e7bb6dd0d1b8d3d62f6d77b0282e166e2ce4c353d2d4d315a81146bf46a1508ef0d2ddc7d0b447fe17b85b292d13cea2256a16cab12d75a852bc680da7ea837480feb2e0500001e0000000000003bc18c52d0351cd285197b0641569048b5b416ba1c570000000000100083794afff0a9eed63b1226b18c4b455ab222d7ae1be52a22e8ec8bf2c0c7d99770415863f50aa18bcb66061a29bc55105f3482ed752f882d224a386b51836c1b437036b677156e22e174ff516dbab0b2cdf52bee43c4ffffffffffffffffd9487b8663a339b98df63b4bf3e97f02d6f1e7e65f968dd90841506355d9ac40f1b434c8a9b5bd91a70c53a5aadbebd9ed9d0a55bd47a967163e0c02753f8895bfbf1b41b5490667c241068d59983ae1d0f03e650f5357425284b76d793e25a2558fa437e38b8200000000630000000000000000000000000000000000000000000000e911000000000066e073c14bb74617079e0b6ecfc830db14244567fd8f4e4e5903eaf983786e28295783f130b95dc37f59a658000e88047db7783ce8a9cba6c255902cfb83946ea3f5f7a8cee911b2b37ae4b01e65ea86d5ea7ae17b2a9bc250c9b8fc9fbc04617939bdd13457954172d18701768f8a461bee740f2d82ae566d2e30a93ad2b201a6d16a93c75a950cc437e7f25d3aadddb8edd028d84490b6bafd636aa4fb482a8a4b3987dafe58e742448c4b36b03790090198145dee533257bb9050554f8cace210a5bc5c768f83e99019f7c00ff9ca679768dbba3f7d21c545c99c2f7688f7030fe37121d625d1f81018feb74c9d48eebdf1702550b097271ab9bd38c62f4b31fd9482c05ba0", @ANYRES16], 0x1, 0x11dc, &(0x7f0000001280)="$eJzs3MGLG1UcB/Bf19rW1N2sWqstiA+96GVo9uBFL0G2IA0obSO0gjB1JxoyJiETFiJi9eTVv0M8ehPEm1724t/gbS8eexBHTNR2l3hYdDewfD6X/OD3vuQ9BgbeMG/23/jq40Gvynr5NNbOnIm1cUR6kCLFWvzt83j19R9/euHWnbs32p3O9s2Urrdvt15LKW28+P17n37z0g/Ti+9+u/Hd+djbfH//161f9i7vXdn//fZH/Sr1qzQcTVOe7o1G0/xeWaSdfjXIUnqnLPKqSP1hVUwO9HvlaDyepXy4s94YT4qqSvlwlgbFLE1HaTqZpfzDvD9MWZal9UbwX3S/flDXdURdPx7noq7r+oloxMV4MtZjI5qxGU/F0/FMXIpn43I8F8/HlfmoVc8bAAAAAAAAAAAAAAAAAAAAThfn/wEAAAAAAAAAAAAAAAAAAGD1bt25e6Pd6WzfTOlCRPnlbne3u/hd9Nu96EcZRVyLZvwW89P/C4v6+lud7WtpbjO+KO//lb+/233sYL41/5zA0nxrkU8H8+ej8Wh+K5pxaXl+a2n+Qrzy8iP5LJrx8wcxijJ24s/sw/xnrZTefLtzKH91Pg4AAABOgyz9Y+n+Pcv+rb/IH+H5wKH99dm4ena1ayeimn0yyMuymBxbcS6O/S8UCsX/XKz6zsRJeHjRVz0TAAAAAAAAAAAAjuIkXidc9RoBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA/2IFjAQAAAABh/tZpdGwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBVAAAA//8xgdSv")
mount$bind(&(0x7f0000000c40)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2901090, 0x0)
chroot(&(0x7f00000000c0)='./file0/../file0/../file0/file0\x00')
mount(0x0, &(0x7f0000000d40)='./file0/../file0/../file0\x00', &(0x7f00000002c0)='sysfs\x00', 0x0, 0x0)
lsetxattr$trusted_overlay_opaque(&(0x7f0000000080)='./file0/../file0/../file0\x00', 0x0, 0x0, 0x0, 0x2)

1.215997379s ago: executing program 2 (id=1898):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_EXIT_HYPERCALL(r1, 0x4068aea3, &(0x7f0000000000)={0x79})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, 0x0}], 0x1, 0x60, 0x0, 0x0)
ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f00000001c0)=0x1fff)

1.215657819s ago: executing program 4 (id=1899):
r0 = socket$tipc(0x1e, 0x2, 0x0)
r1 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r1, &(0x7f00000001c0)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x1, 0xfffffffd}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000100)={0x42, 0x2, 0x2}, 0x10)
sendmsg$tipc(r0, &(0x7f0000000040)={&(0x7f0000000000)=@name={0x1e, 0x2, 0x3, {{0x1, 0x1}, 0x2}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x4000000}, 0x40000)
bind$tipc(r1, 0x0, 0x0)

1.191511629s ago: executing program 3 (id=1900):
mkdir(&(0x7f0000000200)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000140)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0x9361, 0x0)

1.019752633s ago: executing program 5 (id=1901):
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r0, r0)
setpgid(0x0, r0)
syz_mount_image$msdos(&(0x7f0000000040), &(0x7f0000001200)='./file0\x00', 0x1000001, &(0x7f0000000300)={[{@dots}, {@dots}, {@fat=@dos1xfloppy}, {@dots}, {@nodots}, {@fat=@flush}], [{@appraise_type}, {@dont_hash}, {@rootcontext={'rootcontext', 0x3d, 'root'}}]}, 0x1, 0x11b6, &(0x7f0000002440)="$eJzs3E1LdGUYB/DLl1LHNHuzdNNNbWpzSBet2gyhEA4U6gQaBEcca5hpRubMYiZaCO1a9TmiZbsg+gJ+i3YSRG1cdSInNMWoHsHxefj9NnPBf264bg4cuA/nOmfvfP1Z66jIjvJ+TE5MxPRcRJynSDEZUzFyEm9+ufnbVzt7+1vVWm1jO6XN6u7a2ymlxVd/+OiLb1/7sT//4XeL38/E6dLHZ7+s/3S6fLpy9vvup80iNYvU6fZTng663X5+0G6kw2bRylL6oN3Ii0ZqdopG71p+1O4eHw9T3jlcqBz3GkWR8s4wtRrD1O+mfm+Y8k/yZidlWZYWKsFd1L85L8syoiyfiqejLMtyLioxH8/EQizGs7EUz8Xz8UK8GC/Fcrwcr8TKxb/G3TcAAAAAAAAAAAAAAAAAAAA8Wcz/AwAAAAAAAAAAAAAAAAAAwPiZ/wcAAAAAAAAAAAAAAAAAAIDxM/8PAAAAAAAAAAAAAAAAAAAA47ezt79VrdU2tlOajfj5ZFAf1Ee/o3zzvdrGW+nC0tWqXweD+tRlvjbK0/V8Jip/5eu35rPxxuuj/M/s3fdrN/LVOPz39n2JAAAAAP6DLF269XyfZf+Uj6q/PR+4cX6fjtXpe9sGj6gYft7K2+1GT6F4nIpqRDyANh5wMXG35eO+M3Efri76uDsBAAAAAAAAAADg/7iPtxHHvUcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgD/YgWMBAAAAAGH+1ml0bAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwVQAAAP//FBKU4Q==")
wait4(0x0, 0x0, 0x8, 0x0)
ioprio_get$pid(0x1, r0)

923.905864ms ago: executing program 3 (id=1902):
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x2000081, &(0x7f0000000080)=ANY=[@ANYRES8=0x0, @ANYRES8, @ANYRES64, @ANYRES64=0x0], 0x0, 0x23e, &(0x7f0000000bc0)="$eJzs3c9qE1EUB+AzSdqmukgWrkRwQBeuStsnSJEKYldKFupCi21BklCwEGgVQ1c+gU/ic7jxDXwAoTtdFEYmSZsWUm0wf0r9vk0uzP3NOTe5Iau5eX2n1dja3ds5/PA9yuUkCrWoJUcR1ShEbiEAgOvmV5bFUdYzWrJUmFRPAMBkXfL3f3GKLQEAE/bs+Ysnaxsb60/TtBzR+tSuJ9F77V1f24m30YztWI5KHEdkp3rjR4831qOU5qpxv9Vp1/Nk69XX/v3XfkR08ytRierw/Eracybfadfn4ka/fi3Pr0Ylbg3Prw7JR30+Htw70/9SVOLbm9iNZmxFnh3kP66k6cPs88/3L/OO83zSadcXuvMGsuLUPxwAAAAAAAAAAAAAAAAAAAAAAK6tpTRN0yz7kmVZ1jl3/k7xuHt9KT1RPX8+Ty9/0flAnTPn6yznJZLe/EG+FLdLUZrl2gEAAAAAAAAAAAAAAAAAAOCq2Ns/aGw2m9vvxjo4eax//Hf+10EU+601k4gr0E93sJj3M51ad2PEWrURS0Rh/6Bxsrsam0n8JVWe0CbJhmy/4oWp+TFVn7853lUkETF3+mb+aXIh5sb8TQEAAAAAAAAAAAAAAAAAAKZs8NDvkIuHM2gIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGZg8P//Iww6/fAlUzNeIgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP+B3wEAAP//bkR7Lg==")
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r0, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8)
setsockopt(r0, 0x84, 0x80, &(0x7f0000000040)='\x00\x00\x00\x00\t\x00\x00\x00', 0x8)

923.347014ms ago: executing program 4 (id=1903):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x8, 0x3, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x51, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4d50}, 0x94)
r0 = syz_io_uring_setup(0xd2, &(0x7f0000000480)={0x0, 0x4a9e, 0x0, 0x3, 0x24d}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_MADVISE={0x19, 0x7b, 0x0, 0x0, 0x0, &(0x7f0000011000/0x4000)=nil, 0x4000, 0xc})
io_uring_enter(r0, 0x47bc, 0x20, 0x0, 0x0, 0x0)

902.819715ms ago: executing program 2 (id=1904):
syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000240)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x1e7d, 0x2d50, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x5, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0x0, 0x33, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0xc, 0x0, 0x7}}}}}]}}]}}, 0x0)
r0 = syz_open_dev$evdev(&(0x7f0000001540), 0x0, 0x0)
ioctl$EVIOCGLED(r0, 0x5452, &(0x7f0000000240)=""/77)
ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f0000000180)={0x57, 0x0, 0x0, {0xfffe, 0x1}, {0x74, 0x2}, @const={0x6, {0x7f, 0x0, 0x8000, 0xfffd}}})
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x78, 0x822b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x1068)

740.692608ms ago: executing program 8 (id=1905):
syz_mount_image$btrfs(&(0x7f0000000080), &(0x7f0000000000)='./file0\x00', 0x16, &(0x7f00000002c0)={[{@nobarrier}, {@noflushoncommit}, {@nossd}, {@commit={'commit', 0x3d, 0x3f}}, {@nodatasum}, {@nodiscard}, {@nobarrier}, {@compress_algo={'compress', 0x3d, 'zstd'}}, {@noacl}]}, 0x9, 0x5104, &(0x7f000000a5c0)="$eJzs3U+IVWUfB/Dnzp1x5lVw7isEtsoikGrh4CYioqtMUFF0y8VgBE4tgnThJEi0EMQW/Vt4S4paSK6kFsksjKA2LqQwArehYS7cKAaSi3Yac8957pz7HO+5d0ZtTD8fmTnnOb/zPOe5l7O43+uccwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACEEF74/bNDVfVT16bPnJtp7jywZebyvul1p0OodbbX8vqOrc++8ua2HS9OxA6zL2fLRqPfkFnX81ljVc/GhX69P6+HEMaSAer58pk1pVGLq3vKA1a6fnH30U17mxuPH27Xr146e7L80lkwsdITWCn5eXVh8Vxqdn6PJHt024VTr9Zzimb90xPuX3kRAMCSTLU6i+7H0fwjbre9P60n7WbSbift+AmhXWwsRzbuqn7z3JDWV2iezSwqjPedZ1LP3/9uu5X2T9pJ1FjCPHt3zSPNRL95ziX1lZonAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJ3kkbdHH6qqn7o2febcTHPngS0zl/dNrzsdQqOzvZaVa6vfP9z869utxw78uPmr4xeef6ye94vL0cLO4be48sRkCG8UKhfisBfXhtDqLXSa4cty4a3OynOxAAAAwN3k/s7vkW47i4NjPe1aJ03WOv+iLCxev7j76Ka9zY3HD7frVy+dPbn88Vp9xmvecLxuu7H4UysE4xh/0/EW63HXPaVxqqUjpnn+8fNTf1f1L+X/RnX+j++c/A8AAMDNkP/TcaoNyv/fvfbHJ1X9S/l/Q88hS/k/zjjm/5GwvPwPAAAAd7Lbnf+bpXGqDcr/4y+NfV3Vv5T/p4bL/6PFaceNv8YJ75pcNWjiAAAAQF/x/90Xv1qIeT375iDN6089evBc1Xil/N8cLv+P3dJXBQAAANyMI19sf7iqXsr/reHy//htnTUAAACwFO98OPFBVb2U/2dvnP/rSf5fnS/zKx+yTj/Fv0I4NBnCxMLKXFb4ObSf7hYAAACAWyTm9D8/3flD1X6l/D9Xff//eKeDeP1/z/3/Ctf/hzDVW8ju+vdkXgAAAIB7Svl6/nh7/OzJBf2evz/s9f8P/O/gq1XHL+X//cPl/3pxeSuf/wcAAADL8F97/t/20jjVBt3//76P3v2lqn8p/7eHy/9xuab48k7E9+e9yRDWL6zkdxP8Jh5uV1KYHysUOlpJj22xR16YHy8UOuaSHpsnQ3hwYWV/Uvh/LLSTwpW1eeFIUjgdC/n50C0cSwon4pn2+dp8umnh+1jIL7CYj1dQrOleEpH0uNqvx0Lhhj3Odg8OAABwT4nhOc+yY73NkEbZ+dqgHVYP2mFk0A71QTuMJjukO/bbHmZ7C3F7+8zGpT3//8hw+T++Fflz/vpd/x/i9f/5cw271//PxkIjKczHQiu9Y0ArHiMLux/HYzRaeY8r67sFAAAAuKvF7wXqKzwPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+Ie9e42Rq7oPAH72Od6H1wtJFUKjZJPUOG7i9domD7VUWVOqRqQ064aCqohiY6/J4gU7tikxCpGxiWiEoLRBSj4UYRRFNR+gViAiKSBcpDhC5RFRFQUQKLSGKIiUkkSkCVKoZu89s3fO3Xks9hov/f0k75yZ/3neeXjOvXfOBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/n84/JWr/rZZ/OHfnvP0cxeOX7Zv/YUvX3POqY+HMDHzeEcW7ui//tbxn9959l377lt72z1Hz/1wb14uj4eB6p/O/M51sdajS0O4tyOE7jSwajAL9OT3B2N97xkM4ZQwG6iVmOzPSqQNh+/3hXAgzAZqVX2vL4TBQuD8Jx568MZq4pa+EJaHECppG89Wsjb60sAZvVmgPw1s784Cv3ojUwt8tzMLwDGLb4bai/7QRH2G4bnLNXj99Ry3jr210uF1xcRw43w/W7/AnSroTR+YOKanrVQdC6L09jjs3bYI3m2l7Xyzp634RSr/hvLGbKgSOrdMbt105fTu+EhnGB3talTTAj3PT736pc3zSS+a12HswPBxeR3e9NjyO7tWnvfoPauWv3jwI/tfOtZu/qiwSYvphVYJ+Wtu0TyP0bjPk0Xw9it9SxrxpSuEsPXzv/eZZvHS/H+4+fw/vpzjbWdd7ljr60PZ3Dw+MhgTrwxlc3MAAABYNBbDXtPtow98oll9pfn/SHvH/+Mh/3wyn432cAjjM4n9y0I4bebxLHBHbO6SZSG8fyY1UR9YnwQOh/DumcTKWlVJiSWxxEgS+MlQHhhPAkdiYCIJfCsGbk4C18XAoSSwOQYOJ4GzYyBM1Y/j94fycbQd6IuBjdlGPBTPQvjFUGwt2VbP1KoCAAA4TvLZYU/93cK5DseaIU4vD/W1yhDPwG6YoZLUkM5ga9OqhjV0t6qhs1UNtXHvbT78Us0drWounYbRUZ/h1l/+zWdDE6X5/1jz+X9ljo50lI7/h7Bh5m/M3ZlHpmvxjRN1GQAAAIBjMPC/z3+zWbw0/x9v7/z/uE+kq5A5PBJ3Q2xbFsJYfSCr9g/Lgeyo90AeAAAAgMWgdjy+dix8Kr/NTtFO59Pl/BPzzB8P/I/Pmb/38P0bm/W3NP+faO/8//7626wTR2IvvrYshCWFwA9iL6uBGSMx8ONP1gfy8R+JG+CGWFV+YkKtqhtiiY0xMJYEDjQq8cNaidPqA/mTVWt8f20cU3mJQgAAAABOuLg7IB6Xj+f/f+A3a69qVq40/984v/P/Z+bBpdP7pwdCWN0dQlf6w4BH+rOFAWNgsCNPPNCf1dWVVnVtfwhnVQeWVvV8vv5/d7rG4BN9WVUxcNoHDr56RjXxzb4QVhcDT37u9o9WE7uTQK3xv+wL4X3V0aaNf2dJ1nhP2vjXl4Tw3kKgVtUlS0KoNtabVvVQJb+OQVrVP1dCeEchUKvqY5UQ9gQAFqn4X+mW4oO79ly9bdP09OTOBUzEffh9YevU9OTo5u3TWyoN+rQl6XPdMkbXlsfU7pVvnsmXKLrg7g2D7aRrvxMcK7aV78cvnTiY34/fhXpmxrm2p+7uunTIH/pguYlQ+CbVaMidCzzk/mIls09iqf6YvzcMhCVX7prcOfrFTbt371yT/W03+9rsbzzMlG2rNem26p+rb228PBqulpV4s9tqRbGS1bsv37F6156rV01dvunSyUsnr1jzsbVjZ46tG/v4mauroxrL/rYY6oq5qk6G+sbtbY7rOA719O5CJSfiU0NCQmKxJbYPrGj6f3Jp/r+j+fw/furET/58fYZGx/+H42H+7PHZw/wbY+BAu8f/hxsdza+dGDCSBPbGwF6H+QEAAHh7iJP8uDcz7pX+6crvvNisXGn+v7e93/8fp/X/a0vXn9tomf+VscRYo/X/02X+a+v/7220/n+6zH9t/f8Db8H6/1fWAskm+YX1/wEAgLeDE7f+f8vl/dMLBJQytFzeP71AQClDy2X8271AwLzX/3/2P//qv0MTpfn/ze3N/y3cDwAAACePL//ZVb/TLF6a/x9ob/5/4tf/C43O/x9pFJhotDCg9f8AAABYpBqt/zd8ff/FzcqV5v+H2pv/x9MuOutyx1pfH8rWtAvpmnavDNV+MgAAAACLQ2cYHe1pM2/dyqjr33ybT+VLgTZLFz3/J0fnd/7/4fbm/3W/y7jpseV3dq0879HX71m1/MWDH9n/0uzxfwAAAGDhtLtfAgAAAAAAAAAAAAAAeOs9/x/71jWLl37/HzbMPN7o9//xun/x9wXvrMsda229/l9+//xP37VnZsnCR4ZC+GAxsG3ftlNCfm3+FcXAgxetfFc1sS8tcf9zZ79QTVycBj616tTXqomzksDGuEjiu9NAvKria0uTQFxe8d/TQNweh9JAbx746tJsHB3ptvrpYLatOtJt9fRgCMsKgdq2uncwa6MjHeAtSaA2wC+kgTjAP88DnWmv7hrIehUDg7HobQNZrwAAOGnFb4E9YevU9ORY/Aofb0/vrr+N6pYsu7ZcbUebzT+TL012wd0bBttJd6XfRWevNd4TKtUhrCl9XS1m6ZgZ5fGppcWme2eDIbda7a2zQbnUfDddb+MR9WUjGt28fXpLT8uBr2udZW13yyxrSpOdYpbOmU3aRi1t9KWNEbW5bdrocrzfGUZHu5JcfxCDw6FOq1dEu7/XL67z1+hVUMxzxdH9v2pWX2n+P9ze/L9SHNdr+cUA9sYr6/3dMsv8AwAAwML66vpffyP+++z1Dz/ZLG9p/j/S3vw/7sHKDwVnezsOx+v/718Wwsyl9YezwB2xuUuWhfD+mdRELJFdUP/cWGIsC9wRd5isjCU2TtRXtSQGDiWBnwzlgcNJ4EgM5HspDoZ8V87fD4Xw0ZnUhvoSO2KJ4STwmRgYSQKjMTCWBJbGwHgSeHlpHphIAv8WA2GqflvdvTTfVgAAAPORz7N66u+GdJ53qLtVho5WGfpbZehslaHSKkOjUcT7344ZepKTVzoKmXrSWvuSWkoZ4sXw592vUobww/qcacFS0/H8g9r5Bh31Ge77RHclNFGa/4+1N//vr7/NWj8S5/+z1//LAj+I3ftaPHV8JAZ+/Mn6QL5j4Eic7N5Qq2oiL5FP2m+IJcZjYCQJ7IiB8SSwcUMeOPCu+kA+0641vr/W+FReohAAAACAEy7uIIi7aeL8/7ZdXxloVi6f/4/U5v/j7c3/Y3sDxcaui7UeXRrCvR2zvakFVg1mgbgfYzD+PP49gyGcUtjBUSsx2Z+V6E0aDt/vy36h3ptW9b2+7McH8f75Tzz04I3VxC19ISwv7H2ptfFsJWujLw2c0ZsF+tPA9u4sEPf81ALf7cwCcMxqewXjCyo/1aVmeO5yDV5/b5drgqbDK+0DnSPfXL+5WiilHa75PtWa+T1tTfffctyU3h6HvdsW47tt2Lut+EUq/4byxmyoEjq3TG7ddOX07vhI8ZesJQv0PBd/pdpO+ji8Dve++d62Vkk7MJZ8fIzNXW7u12FHrO6mx5bf2bXyvEfvWbX8xYMf2f9S291oIP5Q+KFr/nXwR4XNu9AqIX/NLbrPkwmfJ4vxv4ERT1sIYcPLX7+hWbx0/H+ivfl/d3I749dxY+5aFsKHChv3kbj5/3hZ9jlYCGSfku8oB7JD7v811PCTEwAAAI632u6O2v6Cqfw2OyE8nSeX80/MM3/cXzE+Z/52+93/1xctbxYvzf83Np//L0m66fi/4/8sEMf/53Sy74pekj6w95h2RZeqY0E4/j+nk/3d5vj/nBz/d/x/Lo7/t+D4/5xO9qet9C1phy9dIYQX/+iBp5vFS/P/He3N/63/N/eifbX1/zY2Wv9vR6P1//Za/w8AAFhQDRaaS+d5pdX7ShnS1ftKGVouENhyiUHr/817/b8XTn/2N6GJ0vx/b3vz//hyGCi2vljW/xvZ0KCqm2Ngh4UBAQAAOBk12kEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAW+u+f/ifLc3iD//2nKefu3D8sn3rL3z5mnNOfTyEqZnHO7JwR//1t47//M6z79p339rb7jl67ocrebme/PZ363LHWl8fCuFA4ZHBmHhlqHpnNnD+p+/a011NPDIUwgeLgW37tp1STXxrKIQVxcCDF618VzWxLy1x/3Nnv1BNXJwGPrXq1NeqibPyQEfa3X9cmnW3I+3ujUtDWFYI1Lp72dL6qmpt/Gke6Ezb+KfBrI0YGIxFvzGYtRED07HE1JIQVneH0JVW9XAlq6orrepfKllVXWlVX66EcFYIoTut6rnerKrudOSP92ZVxcBpHzj46hnVxIHeEFYXA09+7vaPVhNfSAK1xv+iN4T3VV8yaePf7ska70kbv6UnhPeGEHrTEr/szkr0piWe7w7hHYVArfHPd4ewJ/C2ED986j7Rdu25etum6enJnQuY6M3b6gtbp6YnRzdvn95SSfrUSEch/ca1b37sz7z6pc3V2wvu3jDYTro7L9cz0+W1PXV3153svY/96i9WMvt8lOqP+XvDQFhy5a7JnaNf3LR798412d92s6/N/nbl0WxbrVks22pFsZLVuy/fsXrXnqtXTV2+6dLJSyevWPOxtWNnjq0b+/iZq6ujGsv+Nh5qb9tDvf3ED/X07kIlJ+IDQOLEJqqvy5OgGxKLOtFZ9+k2drJ/kJe+6M92tCdUZj6gS9OKYpaOmVEej0GvT4Irjv+gR+L3lJYjWlOaOJSyrG2dZV1pMjGbpS/LMvO9rjQ5LNbUObNJ4/3OMDra1Wg7DNffLW7en6Wbdx6eyjdju2kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgP9jBw4EAAAAAID8XxuhqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqCjtwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYgWMBAAAAAGH+1mH0bAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAlwIAAP//5DAgkw==")
open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x8042, 0x0)
pwrite64(r0, &(0x7f0000000400), 0x0, 0x140)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./bus\x00', 0x141842, 0x0)
ioctl$EXT4_IOC_GET_ES_CACHE(r1, 0x4020940d, &(0x7f0000000440)={0x6, 0x0, 0x0, 0x4})

692.004539ms ago: executing program 4 (id=1906):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
setsockopt$inet_int(r0, 0x0, 0x7, &(0x7f0000000080)=0x7, 0x4)
syz_emit_ethernet(0x2a, &(0x7f00000001c0)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x8}}}}}, 0x0)
setsockopt$inet_int(r0, 0x0, 0x14, &(0x7f0000000000)=0x3ff, 0x4)
recvmmsg(r0, &(0x7f00000015c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x2, 0x0)

691.497259ms ago: executing program 3 (id=1907):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000400)=[{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000140)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe1a}], 0x1, &(0x7f0000000a40)=ANY=[@ANYBLOB="18000000000000001701000003000000010000000000000000000000000000001701000002000000000000007005baa38d33e2e1650de8f13f421b2d4b60252e76171216e42961c3b08d4d3dacb0a7089ff7cbfd613d46fa95d6e2f6e76ac3266c9b1a531c4bcf0e7071f117cca4e883b4a6eb5dee7a9ab4d05d7ee311ab1c55b817285e0c3714ee6137e3b8553de667701a7c93437583b5f0b285a188098c1ac4ebac40b315ff8db6f736992497879a42b95248fed4d4888970573d0e88ceead26d97e172588a3ad30fbd01b7bbeeaa668e835f7ae3113fe2d949bb47bc0b2c62541714cc0538601ae4bab19d69a5addee134dd447034da6dd89704603d31a3d25b9d5f46cfd43d9e29aac7422920d98e1463256bd4cc929373ad9000000000faf6a95a04ad3b9db9b230f8224a3d6db187a94e5dadfe181d20d3a4bd08e8b0e6eeb79fdee230dd852a36dfc9046d03b8f316b2d460ca5d08c515d914db8ce430ea0237911c440ee750fe787aaffa83b809651c529e4cf68c8219a827ea003c59e3e51b00cd7f9464f37be2eb3e1475819ad37edcc238b85ab205a2b394916815d9cf7bf3f8e3d19a4697756299e21f2afd3ae31e0f09b8153965635216de47156f4e5fc97cb04f9c5e13256be1d9e0a94f9c6387940de1bcd7b532d16ebba216601cf23be6a7c259550bd059a5a7aee85eb558de8201c1d9c7b29e27313f61cf0b07dd790071bdbceabdd32ce2bcc279b1575a1431b03e5dc37307d15a2782175c87dad1a3aadf48b382bea4ae0b423edee0e12ada4c1dacc40bf387630792ab5c7ed6e2ef7e8a77268b0ff8978ccddfa8da4521d24b3fddc70d181c20caa9a584df9b2e"], 0x18}], 0x4924924924924fd, 0x0)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x10, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)

530.819141ms ago: executing program 4 (id=1908):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000002300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x18)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
close(r0)

466.467022ms ago: executing program 3 (id=1909):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000480)={@dev={0xfe, 0x80, '\x00', 0xff}}, 0x14)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000180)={@remote, 0x0, 0x1, 0x0, 0x0, 0x7}, 0x20)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f00000000c0)={@remote={0xfe, 0x80, '\x00', 0xffffffffffffffff}, 0x0, 0x2}, 0x20)
close(r0)

301.008195ms ago: executing program 3 (id=1910):
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000600), 0x2, 0x0)
r1 = epoll_create(0x207)
epoll_pwait2(r1, &(0x7f0000005b40)=[{}], 0x1, 0x0, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000005600)={0x30000008})
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x200000b, 0xc3072, 0xffffffffffffffff, 0x63fc6000)
read$FUSE(r0, &(0x7f000000ee40)={0x2020}, 0x2020)

300.376235ms ago: executing program 4 (id=1911):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x9}, 0x1c)
listen(r0, 0x3)
setsockopt$inet6_int(r0, 0x29, 0xb, &(0x7f0000000100)=0x400, 0x4)
syz_emit_ethernet(0x4a, &(0x7f0000000080)={@local, @link_local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "2a8435", 0x14, 0x6, 0xff, @empty, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x4, 0x5, 0xc2}}}}}}}, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000240)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '@\x00', 0x14, 0x6, 0x1, @empty, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x7, 0x0, 0x0, 0xf}}}}}}}, 0x0)

216.916727ms ago: executing program 5 (id=1912):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_DELRULE={0x110, 0x8, 0xa, 0x5, 0x0, 0x0, {0x7, 0x0, 0x1}, [@NFTA_RULE_EXPRESSIONS={0xd0, 0x4, 0x0, 0x1, [{0x1c, 0x1, 0x0, 0x1, @xfrm={{0x9}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_XFRM_KEY={0x8, 0x2, 0x1, 0x0, 0x3}]}}}, {0x14, 0x1, 0x0, 0x1, @connlimit={{0xe}, @void}}, {0x8c, 0x1, 0x0, 0x1, @range={{0xa}, @val={0x7c, 0x2, 0x0, 0x1, [@NFTA_RANGE_FROM_DATA={0x50, 0x3, 0x0, 0x1, [@NFTA_DATA_VALUE={0x49, 0x1, "34893d24d852a6eff62bfbc5e5bd4654eb3c9f0b14f3bd6cec77a56d8a5b18f52099d89b18c249a77390af387fb72842fade47d660e04178e49c9b539f7eba2ef9cc3c4783"}]}, @NFTA_RANGE_OP={0x8}, @NFTA_RANGE_SREG={0x8, 0x1, 0x1, 0x0, 0x8}, @NFTA_RANGE_OP={0x8}, @NFTA_RANGE_SREG={0x8, 0x1, 0x1, 0x0, 0xc}, @NFTA_RANGE_OP={0x8, 0x2, 0x1, 0x0, 0x1}]}}}, {0x10, 0x1, 0x0, 0x1, @quota={{0xa}, @void}}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_HANDLE={0xc, 0x3, 0x1, 0x0, 0x3}, @NFTA_RULE_POSITION_ID={0x8}]}, @NFT_MSG_NEWRULE={0x4c, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @rt={{0x7}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_RT_DREG={0x8, 0x1, 0x1, 0x0, 0x9}, @NFTA_RT_KEY={0x8, 0x2, 0x1, 0x0, 0x2}]}}}]}, @NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x1a4}}, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'macvlan0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="480000001c00110c0000001400000f0007000000", @ANYRES32=r1, @ANYBLOB="800202000a0002"], 0x48}}, 0x0)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000940)={0x0, 0xc, &(0x7f00000001c0), 0x1}, 0x0)

64.056099ms ago: executing program 4 (id=1913):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./bus\x00', 0x800810, &(0x7f0000000180)={[{@nobh}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4}}]}, 0xff, 0x23f, &(0x7f0000000540)="$eJzs3T1oLFUYBuB3Zne95t5FrtoI4g+IiAbCtRNsYqMQkBBEBBUiIjZKIsQEu8TKxkJrlVQ2QeyMlpIm2CiCVdQUsRE0WBgstFiZnURisuLPxh1xngdmZ2b3nPnOMPOe3WbYAK11Nclskk6S6SS9JMXpBnfWy9Xj3c2p3cVkMHjsh2LYrt6vnfS7kmQjyQNJdsoiL3STte2nDn7ae+Se11d7d7+7/eTURE/y2OHB/qNH78y/9sHc/WufffHdfJHZ9H93XhevGPFet0hu+jeK/UcU3aZHwF+x8Mr7X1a5vznJXcP891KmvnhvrFy308t9b/9R3ze///zWSY4VuHiDQa/6DtwYAK1TJumnKGeS1NtlOTNT/4b/qnO5fHF55eXp55dXl55reqYCLko/2X/4o0sfXjmT/287df6B/68q/48vbH1dbR91mh4NMBG31asq/9PPrN8b+YfWkX9oL/mH9pJ/aC/5h/aSf2gv+Yf2kn9oL/mH9pJ/aK/T+QcA2mVwqeknkIGmND3/AAAAAAAAAAAAAAAAAAAA521O7S6eLJOq+clbyeFDSbqj6neG/0ecXD98vfxjUTX7TVF3G8vTd4x5gDG91/DT1zd802z9T29vtv76UrLxapJr3e75+684vv/+uRv/5PPes2MW+JuKM/sPPjHZ+mf9stVs/bm95ONq/rk2av4pc8twPXr+6VfXb8z6L/085gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYmF8DAAD//xFQbUc=")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000500)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0)

0s ago: executing program 5 (id=1914):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="09000000060000000800000001"], 0x48)
syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0xd, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000002a00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000580)={{r0}, &(0x7f00000004c0), &(0x7f0000000540)}, 0x20)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0)

kernel console output (not intermixed with test programs):

evice loop9): using spread ssd allocation scheme
[  345.392797][ T9528] BTRFS info (device loop9): using free space tree
[  345.425930][ T9550] exFAT-fs (loop5): error, broken FAT chain.
[  345.435339][ T5206] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[  345.463271][ T9550] exFAT-fs (loop5): Filesystem has been set read-only
[  345.507059][ T9550] exFAT-fs (loop5): error, failed to bmap (inode : ffff888054c814e0 iblock : 8, err : -5)
[  345.635256][ T5206] usb 8-1: Using ep0 maxpacket: 8
[  345.664849][ T5206] usb 8-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2e.04
[  345.674124][ T5206] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  345.683019][ T5206] usb 8-1: Product: syz
[  345.687667][ T5206] usb 8-1: Manufacturer: syz
[  345.701466][ T5206] usb 8-1: SerialNumber: syz
[  345.711818][ T5206] usb 8-1: config 0 descriptor??
[  345.939326][ T5206] usb 8-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  345.948592][ T9528] BTRFS info (device loop9): rebuilding free space tree
[  346.172268][ T5206] dvb_usb_rtl28xxu: probe of 8-1:0.0 failed with error -71
[  346.205669][ T5206] usb 8-1: USB disconnect, device number 4
[  346.253876][   T26] audit: type=1800 audit(1753320967.393:155): pid=9585 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.1336" name="file2" dev="loop9" ino=263 res=0 errno=0
[  346.676076][ T7277] BTRFS info (device loop9): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  348.220793][ T9639] loop3: detected capacity change from 0 to 2048
[  348.253574][ T9593] loop8: detected capacity change from 0 to 40427
[  348.286044][ T9639] UDF-fs: bad mount option "ÞêÖWÅÖLÁÇ—Ìœ+?¶ÇxkµÆŒñ}AJöÖCrevÔþ\J¿U{ˆ'®Ã	 ®™uõ4ùòE—ÅXa-kŦÕ+LÞ?Ù2½Ó(4ÿà(j&ÞeÕ½G³H�Xµç¯;˜C3@b…g3�x¤V$옊Röºß=”£Ü2§¯Ó¬Ü8ß5Æqã¡MÐ×3¼mîãŠhÆ„;¬ŠeþÉàöýô4s{*€lLD00000000000000000000" or missing value
[  348.296110][ T9593] F2FS-fs (loop8): invalid crc value
[  348.425182][ T4450] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  348.470032][ T9593] F2FS-fs (loop8): Found nat_bits in checkpoint
[  348.675154][ T9593] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[  348.881005][ T9593] F2FS-fs (loop8): Inconsistent segment (8) type [1, 0] in SSA and SIT
[  349.305168][ T2185] usb 10-1: new high-speed USB device number 7 using dummy_hcd
[  349.517249][ T2185] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  349.551355][ T2185] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  349.585043][ T2185] usb 10-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[  349.614619][ T2185] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  349.636403][ T2185] usb 10-1: config 0 descriptor??
[  349.642604][ T9661] [U] .
[  349.800820][ T9654] loop3: detected capacity change from 0 to 32768
[  349.830653][ T9654] XFS (loop3): Mounting V5 Filesystem
[  349.936954][ T9654] XFS (loop3): Ending clean mount
[  349.955538][ T9654] XFS (loop3): Quotacheck needed: Please wait.
[  350.047425][ T9654] XFS (loop3): Quotacheck: Done.
[  350.055480][ T2185] cm6533_jd 0003:0D8C:0022.000F: unknown main item tag 0x0
[  350.062860][ T2185] cm6533_jd 0003:0D8C:0022.000F: unknown main item tag 0x0
[  350.105863][ T2185] input: HID 0d8c:0022 as /devices/platform/dummy_hcd.9/usb10/10-1/10-1:0.0/0003:0D8C:0022.000F/input/input24
[  350.166181][ T2185] cm6533_jd 0003:0D8C:0022.000F: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.9-1/input0
[  350.287733][ T2185] usb 10-1: USB disconnect, device number 7
[  350.325239][ T4266] XFS (loop3): Unmounting Filesystem
[  350.563246][ T9685] fido_id[9685]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.9/usb10/report_descriptor': No such file or directory
[  351.279708][ T9683] loop5: detected capacity change from 0 to 32768
[  351.311898][ T9683] 
[  351.311898][ T9683]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  351.311898][ T9683] 
[  351.333658][ T9699] I/O error, dev loop17, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  351.373844][ T9699] F2FS-fs (loop17): Unable to read 1th superblock
[  351.389450][ T9683] ERROR: (device loop5): diWrite: ixpxd invalid
[  351.389450][ T9683] 
[  351.402847][ T9699] I/O error, dev loop17, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  351.421028][ T9699] F2FS-fs (loop17): Unable to read 2th superblock
[  351.438382][ T9683] ERROR: (device loop5): txCommit: 
[  351.438382][ T9683] 
[  351.443294][ T9701] loop7: detected capacity change from 0 to 512
[  351.451437][ T9702] I/O error, dev loop17, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  351.474839][ T9703] ERROR: (device loop5): diWrite: ixpxd invalid
[  351.474839][ T9703] 
[  351.485138][ T4699] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  351.492355][ T9702] F2FS-fs (loop17): Unable to read 1th superblock
[  351.507369][ T9703] ERROR: (device loop5): txCommit: 
[  351.507369][ T9703] 
[  351.515633][ T9702] I/O error, dev loop17, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  351.550525][ T9705] ERROR: (device loop5): diWrite: ixpxd invalid
[  351.550525][ T9705] 
[  351.560313][ T9702] F2FS-fs (loop17): Unable to read 2th superblock
[  351.638023][ T9705] ERROR: (device loop5): txCommit: 
[  351.638023][ T9705] 
[  351.638390][ T9683] 
[  351.638390][ T9683]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  351.638390][ T9683] 
[  351.661167][ T9701] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  351.698089][ T4699] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  351.715212][ T9701] ext4 filesystem being mounted at /150/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  351.719480][ T4699] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  351.746073][ T9683] 
[  351.746073][ T9683]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  351.746073][ T9683] 
[  351.803905][ T4699] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  351.861612][ T4699] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  351.903410][ T9683] ERROR: (device loop5): diWrite: ixpxd invalid
[  351.903410][ T9683] 
[  351.922268][ T4699] usb 4-1: config 0 descriptor??
[  351.953496][ T6828] EXT4-fs (loop7): unmounting filesystem.
[  351.960161][ T9683] ERROR: (device loop5): txCommit: 
[  351.960161][ T9683] 
[  352.203328][ T4890] ERROR: (device loop5): diFree: wmap shows inode already free
[  352.203328][ T4890] 
[  352.258491][ T4890] 
[  352.258491][ T4890]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  352.258491][ T4890] 
[  352.320275][ T4890] 
[  352.320275][ T4890]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  352.320275][ T4890] 
[  352.420484][ T9718] loop8: detected capacity change from 0 to 2048
[  352.471232][ T9718] UDF-fs: bad mount option "ÞêÖWÅÖLÁÇ—Ìœ+?¶ÇxkµÆŒñ}AJöÖCrevÔþ\J¿U{ˆ'®Ã	 ®™uõ4ùòE—ÅXa-kŦÕ+LÞ?Ù2½Ó(4ÿà(j&ÞeÕ½G³H�Xµç¯;˜C3@b…g3�x¤V$옊Röºß=”£Ü2§¯Ó¬Ü8ß5Æqã¡MÐ×3¼mîãŠhÆ„;¬ŠeþÉàöýô4s{*€lLD00000000000000000000" or missing value
[  352.495083][    C1] vkms_vblank_simulate: vblank timer overrun
[  352.561497][ T4699] usb 4-1: language id specifier not provided by device, defaulting to English
[  352.587846][ T9695] loop9: detected capacity change from 0 to 40427
[  352.630653][ T9695] F2FS-fs (loop9): Invalid log_blocksize (268), supports only 12
[  352.684893][ T9695] F2FS-fs (loop9): Can't find valid F2FS filesystem in 1th superblock
[  352.734731][ T9695] F2FS-fs (loop9): invalid crc value
[  352.872767][ T9695] F2FS-fs (loop9): Found nat_bits in checkpoint
[  352.967981][ T4699] input: HID 256c:006d as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:256C:006D.0010/input/input25
[  353.041154][ T9695] F2FS-fs (loop9): Try to recover 1th superblock, ret: 0
[  353.067556][ T9695] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e5
[  353.093025][ T4699] input: HID 256c:006d as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:256C:006D.0010/input/input26
[  353.185188][ T4699] input: HID 256c:006d Touch Strip as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:256C:006D.0010/input/input27
[  353.237420][ T4699] input: HID 256c:006d Dial as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:256C:006D.0010/input/input28
[  353.303337][ T4699] uclogic 0003:256C:006D.0010: input,hiddev0,hidraw0: USB HID v0.00 Keypad [HID 256c:006d] on usb-dummy_hcd.3-1/input0
[  353.416462][ T4699] usb 4-1: USB disconnect, device number 16
[  353.744490][ T9736] fido_id[9736]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/4-1/report_descriptor': No such file or directory
[  353.949966][ T9716] loop7: detected capacity change from 0 to 40427
[  353.970980][ T9729] loop5: detected capacity change from 0 to 32768
[  353.995150][   T14] usb 10-1: new high-speed USB device number 8 using dummy_hcd
[  354.004459][ T9729] BTRFS error: device /dev/loop5 already registered with a higher generation, found 8 expect 11
[  354.045052][ T9716] F2FS-fs (loop7): invalid crc value
[  354.132096][ T9716] F2FS-fs (loop7): Found nat_bits in checkpoint
[  354.195099][   T14] usb 10-1: Using ep0 maxpacket: 16
[  354.209876][   T14] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  354.272535][   T14] usb 10-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  354.322117][   T14] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  354.373200][   T14] usb 10-1: config 0 descriptor??
[  354.401690][ T9716] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  354.555776][ T9509] BTRFS error: device /dev/loop5 already registered with a higher generation, found 8 expect 11
[  354.606368][ T9716] F2FS-fs (loop7): Inconsistent segment (8) type [1, 0] in SSA and SIT
[  354.870149][   T14] mcp2221 0003:04D8:00DD.0011: unknown main item tag 0x0
[  354.897581][   T14] mcp2221 0003:04D8:00DD.0011: unknown main item tag 0x0
[  354.927645][   T14] mcp2221 0003:04D8:00DD.0011: unknown main item tag 0x0
[  354.985786][   T14] mcp2221 0003:04D8:00DD.0011: unknown main item tag 0x0
[  355.028373][   T14] mcp2221 0003:04D8:00DD.0011: unknown main item tag 0x0
[  355.084615][   T14] mcp2221 0003:04D8:00DD.0011: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.9-1/input0
[  355.169684][ T9738] loop8: detected capacity change from 0 to 32768
[  355.291773][   T14] usb 10-1: USB disconnect, device number 8
[  355.334574][ T9738] ocfs2: Mounting device (7,8) on (node local, slot 0) with writeback data mode.
[  355.492703][   T26] audit: type=1800 audit(1753320976.633:156): pid=9738 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.1385" name="file1" dev="loop8" ino=17058 res=0 errno=0
[  355.736889][ T8729] ocfs2: Unmounting device (7,8) on (node local)
[  355.756771][ T9774] netlink: 'syz.5.1392': attribute type 4 has an invalid length.
[  356.367869][ T9787] [U] .
[  356.409589][ T3731] usb 8-1: new full-speed USB device number 5 using dummy_hcd
[  356.607825][ T3731] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  356.641743][ T3731] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  356.692053][ T3731] usb 8-1: New USB device found, idVendor=0755, idProduct=2626, bcdDevice= 0.00
[  356.734401][ T3731] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  356.791926][ T3731] usb 8-1: config 0 descriptor??
[  356.823441][ T9807] loop3: detected capacity change from 0 to 128
[  356.858943][ T9810] loop9: detected capacity change from 0 to 512
[  356.885581][ T9810] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  357.037372][ T9810] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  357.047760][ T9810] ext4 filesystem being mounted at /100/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  357.236607][ T3731] aureal 0003:0755:2626.0012: unknown main item tag 0x0
[  357.245730][ T3731] aureal 0003:0755:2626.0012: unknown main item tag 0x0
[  357.252768][ T3731] aureal 0003:0755:2626.0012: unknown main item tag 0x0
[  357.303354][ T3731] aureal 0003:0755:2626.0012: unknown main item tag 0x0
[  357.335129][ T3731] aureal 0003:0755:2626.0012: unknown main item tag 0x0
[  357.342207][ T3731] aureal 0003:0755:2626.0012: unknown main item tag 0x0
[  357.395778][ T3731] aureal 0003:0755:2626.0012: unknown main item tag 0x0
[  357.441453][ T3731] aureal 0003:0755:2626.0012: hidraw0: USB HID v1.ff Device [HID 0755:2626] on usb-dummy_hcd.7-1/input0
[  357.510492][ T3731] usb 8-1: USB disconnect, device number 5
[  357.661401][ T7277] EXT4-fs (loop9): unmounting filesystem.
[  357.917119][ T9826] fido_id[9826]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.7/usb8/report_descriptor': No such file or directory
[  357.955657][ T9836] loop8: detected capacity change from 0 to 256
[  357.998732][   T26] audit: type=1800 audit(1753320979.143:157): pid=9836 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.1405" name="file2" dev="loop8" ino=1048653 res=0 errno=0
[  358.041630][ T9836] FAT-fs (loop8): error, fat_free_clusters: deleting FAT entry beyond EOF
[  358.119824][ T9836] FAT-fs (loop8): Filesystem has been set read-only
[  358.447098][ T9847] loop8: detected capacity change from 0 to 256
[  358.540086][ T9847] exFAT-fs (loop8): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  358.572496][ T9847] exFAT-fs (loop8): Medium has reported failures. Some data may be lost.
[  358.646006][ T9847] exFAT-fs (loop8): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  358.654405][ T9850] loop7: detected capacity change from 0 to 256
[  358.772730][ T9853] loop3: detected capacity change from 0 to 64
[  358.800062][   T26] audit: type=1800 audit(1753320979.943:158): pid=9850 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.1424" name="file2" dev="loop7" ino=1048656 res=0 errno=0
[  358.821901][ T9850] FAT-fs (loop7): error, fat_free_clusters: deleting FAT entry beyond EOF
[  358.880638][ T9850] FAT-fs (loop7): Filesystem has been set read-only
[  358.907765][   T26] audit: type=1800 audit(1753320980.043:159): pid=9853 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1411" name="file1" dev="loop3" ino=21 res=0 errno=0
[  358.939761][ T9853] syz.3.1411: attempt to access beyond end of device
[  358.939761][ T9853] loop3: rw=34817, sector=39, nr_sectors = 125 limit=64
[  359.032114][ T9853] syz.3.1411: attempt to access beyond end of device
[  359.032114][ T9853] loop3: rw=34817, sector=167, nr_sectors = 1 limit=64
[  359.103555][ T9853] syz.3.1411: attempt to access beyond end of device
[  359.103555][ T9853] loop3: rw=34817, sector=169, nr_sectors = 1 limit=64
[  359.160909][ T9853] syz.3.1411: attempt to access beyond end of device
[  359.160909][ T9853] loop3: rw=34817, sector=171, nr_sectors = 7 limit=64
[  359.193765][ T9853] syz.3.1411: attempt to access beyond end of device
[  359.193765][ T9853] loop3: rw=34817, sector=179, nr_sectors = 371 limit=64
[  359.967518][ T9877] loop7: detected capacity change from 0 to 8192
[  360.027865][ T9877] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  360.136319][ T9877] REISERFS (device loop7): found reiserfs format "3.6" with non-standard journal
[  360.185414][ T9877] REISERFS (device loop7): using ordered data mode
[  360.200006][ T9877] reiserfs: using flush barriers
[  360.207480][ T9877] REISERFS (device loop7): journal params: device loop7, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  360.245778][ T9877] REISERFS (device loop7): checking transaction log (loop7)
[  360.509071][ T9877] REISERFS (device loop7): Using tea hash to sort names
[  360.545789][ T9877] REISERFS (device loop7): Created .reiserfs_priv - reserved for xattr storage.
[  361.409629][ T9889] loop9: detected capacity change from 0 to 32768
[  361.417061][ T9891] loop8: detected capacity change from 0 to 32768
[  361.455336][ T9891] XFS: ikeep mount option is deprecated.
[  361.497481][ T9893] loop5: detected capacity change from 0 to 32768
[  361.538210][ T9891] XFS (loop8): Mounting V5 Filesystem
[  361.543058][ T9889] XFS (loop9): Mounting V5 Filesystem
[  361.591913][ T9893] ocfs2: Mounting device (7,5) on (node local, slot 0) with writeback data mode.
[  361.620591][ T9889] XFS (loop9): Ending clean mount
[  361.685430][ T5206] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[  361.740799][ T9891] XFS (loop8): Ending clean mount
[  361.783543][ T9891] XFS (loop8): Quotacheck needed: Please wait.
[  361.804191][   T26] audit: type=1800 audit(1753320982.943:160): pid=9893 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1425" name="file1" dev="loop5" ino=17058 res=0 errno=0
[  361.885050][ T5206] usb 8-1: Using ep0 maxpacket: 16
[  361.893141][ T5206] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  361.947755][ T7277] XFS (loop9): Unmounting Filesystem
[  361.961284][ T5206] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  361.981524][ T5206] usb 8-1: New USB device found, idVendor=6161, idProduct=4d15, bcdDevice= 0.00
[  361.991391][ T5206] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  362.008553][ T5206] usb 8-1: config 0 descriptor??
[  362.036304][ T9891] XFS (loop8): Quotacheck: Done.
[  362.049408][ T4890] ocfs2: Unmounting device (7,5) on (node local)
[  362.744905][ T8729] XFS (loop8): Unmounting Filesystem
[  362.841529][ T9943] vcan0: tx drop: invalid da for name 0x0000000006fffff9
[  363.065965][ T5206] letsketch 0003:6161:4D15.0013: Device info: à°�
[  363.158285][ T9952] loop5: detected capacity change from 0 to 512
[  363.231251][ T9954] netlink: 176 bytes leftover after parsing attributes in process `syz.9.1438'.
[  363.303758][ T9952] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  363.310687][ T5206] usb 8-1: Max retries (5) exceeded reading string descriptor 201
[  363.346042][ T5206] letsketch: probe of 0003:6161:4D15.0013 failed with error -71
[  363.359813][ T5206] usb 8-1: USB disconnect, device number 6
[  363.385243][ T9952] ext4 filesystem being mounted at /278/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  363.512721][ T9952] EXT4-fs error (device loop5): ext4_ext_check_inode:520: inode #12: comm syz.5.1437: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  363.702536][ T4890] EXT4-fs (loop5): unmounting filesystem.
[  363.962809][ T9973] loop7: detected capacity change from 0 to 512
[  363.976256][ T9969] loop5: detected capacity change from 0 to 4096
[  363.994892][ T9973] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  364.054285][ T9973] EXT4-fs (loop7): 1 truncate cleaned up
[  364.169256][ T9973] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  364.219645][ T9977] netlink: 104 bytes leftover after parsing attributes in process `syz.8.1443'.
[  364.849877][ T6828] bond0: (slave syz_tun): Releasing backup interface
[  364.886613][ T9992] device bond0 entered promiscuous mode
[  364.892332][ T9992] device bond_slave_0 entered promiscuous mode
[  364.941998][ T9992] device bond_slave_1 entered promiscuous mode
[  364.962711][ T6828] EXT4-fs (loop7): unmounting filesystem.
[  365.261902][ T4362] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  365.366277][   T14] usb 6-1: new full-speed USB device number 16 using dummy_hcd
[  365.481227][ T4362] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  365.559471][   T14] usb 6-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  365.585468][T10010] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1457'.
[  365.586521][   T14] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  365.643262][   T14] usb 6-1: Product: syz
[  365.653395][   T14] usb 6-1: Manufacturer: syz
[  365.661973][   T14] usb 6-1: SerialNumber: syz
[  365.684230][   T14] usb 6-1: config 0 descriptor??
[  365.754177][ T4362] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  365.886300][ T9998] loop9: detected capacity change from 0 to 32768
[  365.898307][ T4362] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  365.922211][   T14] usb 6-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  365.966336][ T4699] usb 9-1: new high-speed USB device number 8 using dummy_hcd
[  366.037988][ T9998] XFS (loop9): Mounting V5 Filesystem
[  366.170950][ T4699] usb 9-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  366.217873][ T4699] usb 9-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  366.285055][ T4699] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 66
[  366.285939][ T4284] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  366.313843][ T4284] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  366.327499][ T4284] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  366.334871][ T4699] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  366.359214][ T4284] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  366.367300][ T4284] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  366.374817][ T4284] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  366.412987][ T4699] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  366.452892][ T4699] usb 9-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  366.463458][ T4699] usb 9-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  366.495184][ T4699] usb 9-1: Product: syz
[  366.499869][ T4699] usb 9-1: Manufacturer: syz
[  366.506925][ T9998] XFS (loop9): Ending clean mount
[  366.546368][ T4699] cdc_wdm 9-1:1.0: skipping garbage
[  366.553144][   T14] dvb_usb_rtl28xxu: probe of 6-1:0.0 failed with error -32
[  366.566860][   T14] usb 6-1: USB disconnect, device number 16
[  366.576162][ T4699] cdc_wdm 9-1:1.0: skipping garbage
[  366.583210][ T9998] XFS (loop9): Quotacheck needed: Please wait.
[  366.611325][ T4699] cdc_wdm 9-1:1.0: cdc-wdm0: USB WDM device
[  366.625066][ T4699] cdc_wdm 9-1:1.0: Unknown control protocol
[  366.784315][ T9998] XFS (loop9): Quotacheck: Done.
[  366.848940][    C0] cdc_wdm 9-1:1.0: nonzero urb status received: -71
[  366.849966][ T4430] usb 9-1: USB disconnect, device number 8
[  366.855699][    C0] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes
[  366.855721][    C0] cdc_wdm 9-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  366.859554][T10011] cdc_wdm 9-1:1.0: Tx URB error: -19
[  366.997873][ T7277] XFS (loop9): Unmounting Filesystem
[  367.508888][T10023] chnl_net:caif_netlink_parms(): no params data found
[  367.723307][T10046] loop5: detected capacity change from 0 to 256
[  367.767005][T10046] exfat: Deprecated parameter 'namecase'
[  367.801598][T10046] exFAT-fs (loop5): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d)
[  368.108749][T10060] loop3: detected capacity change from 0 to 64
[  368.131942][T10023] bridge0: port 1(bridge_slave_0) entered blocking state
[  368.156935][T10023] bridge0: port 1(bridge_slave_0) entered disabled state
[  368.182237][ T5203] usb 9-1: new high-speed USB device number 9 using dummy_hcd
[  368.226660][T10023] device bridge_slave_0 entered promiscuous mode
[  368.308719][T10060] syz.3.1466: attempt to access beyond end of device
[  368.308719][T10060] loop3: rw=2049, sector=135, nr_sectors = 3 limit=64
[  368.404570][ T5203] usb 9-1: Using ep0 maxpacket: 16
[  368.420440][ T5203] usb 9-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  368.431866][ T5203] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  368.441012][ T5203] usb 9-1: Product: syz
[  368.445811][ T5203] usb 9-1: Manufacturer: syz
[  368.450665][ T5203] usb 9-1: SerialNumber: syz
[  368.457351][ T5203] r8152-cfgselector 9-1: config 0 descriptor??
[  368.465387][ T4281] Bluetooth: hci3: command 0x0409 tx timeout
[  368.492184][T10023] bridge0: port 2(bridge_slave_1) entered blocking state
[  368.507232][T10023] bridge0: port 2(bridge_slave_1) entered disabled state
[  368.515878][T10023] device bridge_slave_1 entered promiscuous mode
[  368.611952][T10023] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  368.742934][T10023] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  368.840173][ T4362] device hsr_slave_0 left promiscuous mode
[  368.860668][ T4362] device hsr_slave_1 left promiscuous mode
[  368.877874][ T4362] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  368.888207][T10052] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  368.905099][ T4362] batman_adv: batadv0: Removing interface: batadv_slave_0
[  368.912791][T10052] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  368.934627][ T5203] r8152-cfgselector 9-1: Unknown version 0x0000
[  368.942674][ T4362] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  368.950690][ T5203] r8152-cfgselector 9-1: bad CDC descriptors
[  368.963560][ T4362] batman_adv: batadv0: Removing interface: batadv_slave_1
[  368.980237][ T5203] r8152-cfgselector 9-1: Unknown version 0x0000
[  368.996477][ T4362] device bridge_slave_1 left promiscuous mode
[  369.003035][ T4362] bridge0: port 2(bridge_slave_1) entered disabled state
[  369.011559][ T5203] r8152-cfgselector 9-1: USB disconnect, device number 9
[  369.039159][ T4362] device bridge_slave_0 left promiscuous mode
[  369.048376][ T4362] bridge0: port 1(bridge_slave_0) entered disabled state
[  369.139773][ T4362] device veth1_macvtap left promiscuous mode
[  369.155354][ T4362] device veth0_macvtap left promiscuous mode
[  369.186581][ T4362] device veth1_vlan left promiscuous mode
[  369.192477][ T4362] device veth0_vlan left promiscuous mode
[  369.247472][T10066] loop3: detected capacity change from 0 to 32768
[  369.377745][T10066] XFS (loop3): Mounting V5 Filesystem
[  369.562619][T10066] XFS (loop3): Ending clean mount
[  369.604241][T10066] XFS (loop3): Quotacheck needed: Please wait.
[  369.795531][T10066] XFS (loop3): Quotacheck: Done.
[  369.858697][T10095] loop9: detected capacity change from 0 to 64
[  370.089180][ T4329] usb 9-1: new high-speed USB device number 10 using dummy_hcd
[  370.285165][ T4329] usb 9-1: Using ep0 maxpacket: 16
[  370.292927][ T4329] usb 9-1: config 0 has no interfaces?
[  370.320915][ T4329] usb 9-1: New USB device found, idVendor=0499, idProduct=1018, bcdDevice=b2.da
[  370.335877][T10101] loop9: detected capacity change from 0 to 2048
[  370.344875][ T4329] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  370.353402][ T4329] usb 9-1: Product: syz
[  370.365304][ T4329] usb 9-1: Manufacturer: syz
[  370.369977][ T4329] usb 9-1: SerialNumber: syz
[  370.402221][T10074] loop5: detected capacity change from 0 to 40427
[  370.422794][ T4329] usb 9-1: config 0 descriptor??
[  370.453963][T10101] UDF-fs: error (device loop9): udf_read_tagged: read failed, block=18576, location=18576
[  370.457323][T10074] F2FS-fs (loop5): invalid crc value
[  370.491485][T10101] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  370.523824][T10074] F2FS-fs (loop5): Found nat_bits in checkpoint
[  370.545492][ T4281] Bluetooth: hci3: command 0x041b tx timeout
[  370.649081][ T4699] usb 9-1: USB disconnect, device number 10
[  370.671673][T10074] F2FS-fs (loop5): Start checkpoint disabled!
[  370.735919][T10074] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[  371.024575][T10109] sctp: [Deprecated]: syz.9.1474 (pid 10109) Use of struct sctp_assoc_value in delayed_ack socket option.
[  371.024575][T10109] Use struct sctp_sack_info instead
[  371.083246][ T4266] XFS (loop3): Unmounting Filesystem
[  371.364655][ T4825] kworker/u4:8: attempt to access beyond end of device
[  371.364655][ T4825] loop5: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  371.784493][T10119] loop8: detected capacity change from 0 to 512
[  371.883153][ T4392] I/O error, dev loop8, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  372.208932][ T4362] team0 (unregistering): Port device team_slave_1 removed
[  372.293779][ T4362] team0 (unregistering): Port device team_slave_0 removed
[  372.380134][ T4362] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  372.459643][ T4362] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  372.629026][ T4281] Bluetooth: hci3: command 0x040f tx timeout
[  372.904378][T10132] 9pnet: p9_errstr2errno: server reported unknown error �@þLì²¼	O00000000000000000005
[  372.982443][    C1] vcan0: j1939_tp_rxtimer: 0xffff888058a70c00: rx timeout, send abort
[  372.990912][    C1] vcan0: j1939_tp_rxtimer: 0xffff888058227400: rx timeout, send abort
[  373.005234][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff888058a70c00: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  373.019704][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff888058227400: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  373.324053][T10142] loop8: detected capacity change from 0 to 256
[  373.445418][T10142] exFAT-fs (loop8): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6e84b2e, utbl_chksum : 0xe619d30d)
[  374.041124][ T4362] bond0 (unregistering): Released all slaves
[  374.151781][T10023] team0: Port device team_slave_0 added
[  374.218595][T10023] team0: Port device team_slave_1 added
[  374.382933][T10023] batman_adv: batadv0: Adding interface: batadv_slave_0
[  374.427780][T10023] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  374.581417][T10023] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  374.678018][T10023] batman_adv: batadv0: Adding interface: batadv_slave_1
[  374.695271][T10023] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  374.721878][ T4281] Bluetooth: hci3: command 0x0419 tx timeout
[  374.863583][T10023] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  375.026980][T10023] device hsr_slave_0 entered promiscuous mode
[  375.099573][T10023] device hsr_slave_1 entered promiscuous mode
[  375.119630][T10023] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  375.143271][T10023] Cannot create hsr debugfs directory
[  376.184729][T10176] loop5: detected capacity change from 0 to 40427
[  376.250273][T10176] F2FS-fs (loop5): invalid crc value
[  376.274411][T10176] F2FS-fs (loop5): Found nat_bits in checkpoint
[  376.472357][T10176] F2FS-fs (loop5): Start checkpoint disabled!
[  376.499464][T10176] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[  376.781857][T10185] loop3: detected capacity change from 0 to 32768
[  376.834943][   T46] kworker/u4:3: attempt to access beyond end of device
[  376.834943][   T46] loop5: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  376.868893][T10185] XFS (loop3): Mounting V5 Filesystem
[  377.173388][T10185] XFS (loop3): Ending clean mount
[  377.221823][T10185] XFS (loop3): Quotacheck needed: Please wait.
[  377.395049][ T4330] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[  377.423886][T10185] XFS (loop3): Quotacheck: Done.
[  377.605096][ T4330] usb 6-1: Using ep0 maxpacket: 16
[  377.612598][ T4330] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  377.658921][T10220] loop9: detected capacity change from 0 to 1024
[  377.662496][ T4330] usb 6-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  377.696713][ T4330] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  377.737539][ T4330] usb 6-1: config 0 descriptor??
[  377.744326][T10220] EXT4-fs: Ignoring removed nobh option
[  377.750508][ T4266] XFS (loop3): Unmounting Filesystem
[  377.868530][T10220] EXT4-fs: inline encryption not supported
[  377.874586][T10220] EXT4-fs: Ignoring removed bh option
[  377.942465][T10220] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  378.047310][T10228] loop8: detected capacity change from 0 to 8
[  378.137034][T10220] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none.
[  378.164402][T10220] EXT4-fs error (device loop9): ext4_mb_mark_diskspace_used:3841: comm syz.9.1505: Allocating blocks 385-513 which overlap fs metadata
[  378.166533][ T4330] mcp2221 0003:04D8:00DD.0014: unknown main item tag 0x0
[  378.186251][ T4330] mcp2221 0003:04D8:00DD.0014: unknown main item tag 0x0
[  378.193358][ T4330] mcp2221 0003:04D8:00DD.0014: unknown main item tag 0x0
[  378.200766][ T4330] mcp2221 0003:04D8:00DD.0014: unknown main item tag 0x0
[  378.212241][ T4330] mcp2221 0003:04D8:00DD.0014: unknown main item tag 0x0
[  378.220993][ T4330] mcp2221 0003:04D8:00DD.0014: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.5-1/input0
[  378.251265][T10233] EXT4-fs (loop9): pa ffff88807256c620: logic 16, phys. 129, len 24
[  378.261266][T10233] EXT4-fs error (device loop9): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 8
[  378.443821][T10023] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  378.544215][T10023] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  378.583805][ T7277] EXT4-fs (loop9): unmounting filesystem.
[  378.649989][ T1276] ieee802154 phy0 wpan0: encryption failed: -22
[  378.656983][ T1276] ieee802154 phy1 wpan1: encryption failed: -22
[  378.670116][T10023] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  378.685921][ T5203] usb 6-1: USB disconnect, device number 17
[  378.808104][T10023] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  379.150369][T10023] 8021q: adding VLAN 0 to HW filter on device bond0
[  379.197778][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  379.212305][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  379.233122][T10023] 8021q: adding VLAN 0 to HW filter on device team0
[  379.254209][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  379.263931][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  379.282252][   T46] bridge0: port 1(bridge_slave_0) entered blocking state
[  379.289522][   T46] bridge0: port 1(bridge_slave_0) entered forwarding state
[  379.364074][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  379.394437][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  379.418702][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  379.437773][   T46] bridge0: port 2(bridge_slave_1) entered blocking state
[  379.445055][   T46] bridge0: port 2(bridge_slave_1) entered forwarding state
[  379.477638][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  379.497834][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  379.508382][T10256] loop5: detected capacity change from 0 to 4096
[  379.545311][T10256] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  379.577062][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  379.694438][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  379.725831][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  379.734282][T10236] loop3: detected capacity change from 0 to 32768
[  379.767149][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  379.789457][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  379.823556][T10236] ocfs2: Mounting device (7,3) on (node local, slot 0) with writeback data mode.
[  379.841159][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  379.865668][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  379.883510][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  379.920039][   T26] audit: type=1800 audit(1753321001.063:161): pid=10236 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1507" name="file1" dev="loop3" ino=17058 res=0 errno=0
[  379.943522][T10023] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  379.969486][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  380.270804][ T4266] ocfs2: Unmounting device (7,3) on (node local)
[  380.307214][ T4890] EXT4-fs (loop5): unmounting filesystem.
[  380.751096][T10282] loop9: detected capacity change from 0 to 512
[  380.844117][T10282] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none.
[  381.101341][ T7277] EXT4-fs (loop9): unmounting filesystem.
[  381.230986][   T34] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  381.240695][   T34] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  381.277791][T10023] 8021q: adding VLAN 0 to HW filter on device batadv0
[  381.412479][ T4825] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  381.447571][ T4825] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  381.531782][ T4362] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  381.571366][ T4362] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  381.605081][T10023] device veth0_vlan entered promiscuous mode
[  381.622247][ T4362] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  381.665339][ T4362] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  381.700548][T10023] device veth1_vlan entered promiscuous mode
[  381.796966][   T14] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  381.846313][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  381.855640][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  381.880713][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  381.912698][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  381.941433][T10023] device veth0_macvtap entered promiscuous mode
[  381.977370][T10023] device veth1_macvtap entered promiscuous mode
[  382.021112][   T14] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  382.048123][T10023] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  382.070624][   T14] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[  382.092508][T10023] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  382.106351][T10023] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  382.118315][   T14] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  382.127631][T10023] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  382.138042][   T14] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  382.147917][T10023] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  382.158857][   T14] usb 4-1: Product: syz
[  382.163082][   T14] usb 4-1: Manufacturer: syz
[  382.175097][T10023] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  382.185642][   T14] usb 4-1: SerialNumber: syz
[  382.216180][   T14] cdc_mbim 4-1:1.0: skipping garbage
[  382.221677][T10023] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  382.255397][T10023] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  382.282140][T10023] batman_adv: batadv0: Interface activated: batadv_slave_0
[  382.301533][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  382.316529][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  382.336666][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  382.369879][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  382.404572][T10023] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  382.425551][T10300] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  382.431459][T10023] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  382.443552][T10023] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  382.462424][T10023] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  382.480249][T10023] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  382.493179][T10023] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  382.513650][T10023] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  382.531173][T10023] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  382.583978][T10023] batman_adv: batadv0: Interface activated: batadv_slave_1
[  382.648536][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  382.662130][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  382.708781][T10023] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  382.735147][T10023] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  382.743935][T10023] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  382.785146][T10023] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  383.047416][T10300] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  383.055294][   T14] cdc_mbim 4-1:1.0: setting tx_max = 184
[  383.075683][   T56] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  383.109087][   T14] cdc_mbim 4-1:1.0: cdc-wdm0: USB WDM device
[  383.133358][   T56] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  383.160782][T10316] loop5: detected capacity change from 0 to 32768
[  383.184762][T10316] XFS (loop5): Mounting V5 Filesystem
[  383.220444][   T14] cdc_mbim 4-1:1.0 wwan0: register 'cdc_mbim' at usb-dummy_hcd.3-1, CDC MBIM, 3e:81:89:9f:30:8f
[  383.267892][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  383.300701][T10316] XFS (loop5): Ending clean mount
[  383.308987][T10316] XFS (loop5): Quotacheck needed: Please wait.
[  383.321485][   T14] usb 4-1: USB disconnect, device number 17
[  383.341047][ T4362] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  383.359350][ T4362] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  383.385827][   T14] cdc_mbim 4-1:1.0 wwan0: unregister 'cdc_mbim' usb-dummy_hcd.3-1, CDC MBIM
[  383.414686][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  383.546892][T10316] XFS (loop5): Quotacheck: Done.
[  383.791085][ T4890] XFS (loop5): Unmounting Filesystem
[  384.440187][T10359] input: syz1 as /devices/virtual/input/input29
[  384.844668][T10372] loop3: detected capacity change from 0 to 256
[  384.916463][T10372] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  384.958913][T10372] exFAT-fs (loop3): Medium has reported failures. Some data may be lost.
[  384.995088][T10372] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d)
[  385.227065][T10351] loop1: detected capacity change from 0 to 40427
[  385.264835][T10351] F2FS-fs (loop1): build fault injection attr: rate: 0, type: 0x35f7
[  385.283900][T10351] F2FS-fs (loop1): build fault injection attr: rate: 690, type: 0x3ffff
[  385.309910][T10351] F2FS-fs (loop1): invalid crc value
[  385.350168][T10351] F2FS-fs (loop1): Found nat_bits in checkpoint
[  385.437778][T10351] F2FS-fs (loop1): Start checkpoint disabled!
[  385.461326][T10351] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  385.667518][T10351] syz.1.1528: attempt to access beyond end of device
[  385.667518][T10351] loop1: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[  386.153412][ T4825] kworker/u4:8: attempt to access beyond end of device
[  386.153412][ T4825] loop1: rw=1, sector=45096, nr_sectors = 8 limit=40427
[  386.254719][ T4825] kworker/u4:8: attempt to access beyond end of device
[  386.254719][ T4825] loop1: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  386.542863][T10407] loop3: detected capacity change from 0 to 128
[  386.647401][T10407] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  386.674697][T10407] ext4 filesystem being mounted at /339/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  386.923365][ T4266] EXT4-fs (loop3): unmounting filesystem.
[  387.128470][T10388] loop8: detected capacity change from 0 to 32768
[  387.343045][T10388] XFS (loop8): Mounting V5 Filesystem
[  387.429802][T10438] netlink: 'syz.3.1556': attribute type 11 has an invalid length.
[  387.437807][T10438] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1556'.
[  387.566364][T10388] XFS (loop8): Ending clean mount
[  387.689209][T10443] loop3: detected capacity change from 0 to 512
[  387.760846][ T8729] XFS (loop8): Unmounting Filesystem
[  387.769436][T10443] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  388.696841][ T4266] EXT4-fs (loop3): unmounting filesystem.
[  389.368500][T10482] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  389.389804][T10482] overlayfs: fs on './file0' does not support file handles, falling back to xino=off.
[  389.505347][   T14] usb 10-1: new high-speed USB device number 9 using dummy_hcd
[  389.725189][   T14] usb 10-1: Using ep0 maxpacket: 16
[  389.732457][   T14] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  389.798512][   T14] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  389.829077][   T14] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  389.867020][   T14] usb 10-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  389.907123][   T14] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  389.919913][   T14] usb 10-1: config 0 descriptor??
[  389.932367][T10478] loop3: detected capacity change from 0 to 32768
[  390.013076][T10478] XFS (loop3): Mounting V5 Filesystem
[  390.165581][T10478] XFS (loop3): Ending clean mount
[  390.183861][T10478] XFS (loop3): Quotacheck needed: Please wait.
[  390.338907][T10478] XFS (loop3): Quotacheck: Done.
[  390.350400][   T14] microsoft 0003:045E:07DA.0015: unknown main item tag 0x0
[  390.375178][   T14] microsoft 0003:045E:07DA.0015: unknown main item tag 0x0
[  390.405799][   T14] microsoft 0003:045E:07DA.0015: unknown main item tag 0x0
[  390.435230][   T14] microsoft 0003:045E:07DA.0015: unknown main item tag 0x0
[  390.468433][   T14] microsoft 0003:045E:07DA.0015: unknown main item tag 0x0
[  390.495499][   T14] microsoft 0003:045E:07DA.0015: unknown main item tag 0x0
[  390.521730][   T14] microsoft 0003:045E:07DA.0015: unknown main item tag 0x0
[  390.546561][   T14] microsoft 0003:045E:07DA.0015: unknown main item tag 0x0
[  390.568479][   T14] microsoft 0003:045E:07DA.0015: unknown main item tag 0x0
[  390.589163][   T14] microsoft 0003:045E:07DA.0015: unknown main item tag 0x0
[  390.617457][   T14] microsoft 0003:045E:07DA.0015: No inputs registered, leaving
[  390.642528][   T14] microsoft 0003:045E:07DA.0015: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.9-1/input0
[  390.660404][ T4266] XFS (loop3): Unmounting Filesystem
[  390.670395][   T14] microsoft 0003:045E:07DA.0015: no inputs found
[  390.712641][   T14] microsoft 0003:045E:07DA.0015: could not initialize ff, continuing anyway
[  390.764414][   T14] usb 10-1: USB disconnect, device number 9
[  392.103694][ T5206] hid-generic 0005:0000:0005.0016: item fetching failed at offset 0/2
[  392.112959][ T5206] hid-generic: probe of 0005:0000:0005.0016 failed with error -22
[  393.228521][T10552] loop5: detected capacity change from 0 to 40427
[  393.260590][T10552] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12
[  393.288823][T10552] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  393.320996][T10552] F2FS-fs (loop5): invalid crc value
[  393.355806][T10552] F2FS-fs (loop5): Found nat_bits in checkpoint
[  393.463282][T10552] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  393.467479][T10588] netlink: 104 bytes leftover after parsing attributes in process `syz.3.1591'.
[  393.470664][T10552] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  393.525132][ T4330] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  393.545255][   T14] usb 9-1: new high-speed USB device number 11 using dummy_hcd
[  393.725141][   T14] usb 9-1: Using ep0 maxpacket: 16
[  393.732378][ T4330] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  393.745401][   T14] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  393.765714][ T4330] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[  393.785078][   T14] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  393.799659][ T4330] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  393.814207][   T14] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x2 has an invalid bInterval 0, changing to 7
[  393.832348][ T4330] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  393.841068][   T14] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  393.851279][ T4330] usb 2-1: Product: syz
[  393.855958][ T4330] usb 2-1: Manufacturer: syz
[  393.860598][ T4330] usb 2-1: SerialNumber: syz
[  393.875204][   T14] usb 9-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  393.901349][ T4330] cdc_mbim 2-1:1.0: skipping garbage
[  393.911020][   T14] usb 9-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  393.941112][   T14] usb 9-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  393.951344][   T14] usb 9-1: Manufacturer: syz
[  393.969731][   T14] usb 9-1: config 0 descriptor??
[  394.113895][T10577] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  394.495248][   T14] rc_core: IR keymap rc-hauppauge not found
[  394.501359][   T14] Registered IR keymap rc-empty
[  394.537544][   T14] mceusb 9-1:0.0: Error: mce write submit urb error = -90
[  394.595179][   T14] mceusb 9-1:0.0: Error: mce write submit urb error = -90
[  394.643980][   T14] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.0/rc/rc0
[  394.698946][   T14] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.0/rc/rc0/input31
[  394.701543][T10620] loop9: detected capacity change from 0 to 512
[  394.761687][T10577] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  394.772947][   T14] mceusb 9-1:0.0: Error: mce write submit urb error = -90
[  394.787796][ T4330] cdc_mbim 2-1:1.0: setting tx_max = 184
[  394.802816][ T4330] cdc_mbim 2-1:1.0: cdc-wdm0: USB WDM device
[  394.835188][   T14] mceusb 9-1:0.0: Error: mce write submit urb error = -90
[  394.875873][   T14] mceusb 9-1:0.0: Error: mce write submit urb error = -90
[  394.890623][ T4330] cdc_mbim 2-1:1.0 wwan0: register 'cdc_mbim' at usb-dummy_hcd.1-1, CDC MBIM, c2:ca:da:c3:4f:df
[  394.914551][T10620] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  394.923741][   T14] mceusb 9-1:0.0: Error: mce write submit urb error = -90
[  394.933650][T10620] ext4 filesystem being mounted at /145/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  394.975233][   T14] mceusb 9-1:0.0: Error: mce write submit urb error = -90
[  395.005280][   T14] mceusb 9-1:0.0: Error: mce write submit urb error = -90
[  395.054006][ T4699] usb 2-1: USB disconnect, device number 4
[  395.073201][   T14] mceusb 9-1:0.0: Error: mce write submit urb error = -90
[  395.081734][ T4699] cdc_mbim 2-1:1.0 wwan0: unregister 'cdc_mbim' usb-dummy_hcd.1-1, CDC MBIM
[  395.125608][   T14] mceusb 9-1:0.0: Error: mce write submit urb error = -90
[  395.155123][   T14] mceusb 9-1:0.0: Error: mce write submit urb error = -90
[  395.187128][   T14] mceusb 9-1:0.0: Error: mce write submit urb error = -90
[  395.226589][   T14] mceusb 9-1:0.0: Registered 424242424242 with mce emulator interface version 1
[  395.236244][   T14] mceusb 9-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  395.247823][   T14] usb 9-1: USB disconnect, device number 11
[  395.303677][T10635] loop3: detected capacity change from 0 to 4096
[  395.384443][T10638] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  395.399766][ T7277] EXT4-fs (loop9): unmounting filesystem.
[  395.951577][T10659] netlink: 'syz.3.1610': attribute type 6 has an invalid length.
[  396.180132][T10662] loop3: detected capacity change from 0 to 4096
[  397.946754][ T5206] usb 6-1: new low-speed USB device number 18 using dummy_hcd
[  397.973887][ T4266] ntfs3: loop3: ntfs_evict_inode r=5 failed, -22.
[  397.980859][ T4266] ntfs3: loop3: Mark volume as dirty due to NTFS errors
[  398.155496][ T5206] usb 6-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  398.175723][ T5206] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  398.201919][ T5206] usb 6-1: config 0 descriptor??
[  398.213950][T10666] loop9: detected capacity change from 0 to 262144
[  398.228180][T10666] F2FS-fs (loop9): invalid crc value
[  398.287470][T10666] F2FS-fs (loop9): Found nat_bits in checkpoint
[  398.331492][T10666] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e5
[  398.365168][ T4329] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  398.575144][ T4329] usb 2-1: Using ep0 maxpacket: 16
[  398.582302][ T4329] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  398.623449][ T4329] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  398.671981][ T4329] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x2 has an invalid bInterval 0, changing to 7
[  398.704387][ T4329] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  398.745119][ T4329] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  398.771001][ T4329] usb 2-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  398.797529][ T4329] usb 2-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  398.815061][ T4329] usb 2-1: Manufacturer: syz
[  398.831400][ T4329] usb 2-1: config 0 descriptor??
[  398.983965][T10726] loop3: detected capacity change from 0 to 1024
[  399.041017][T10726] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  399.065152][T10726] ext4 filesystem being mounted at /366/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  399.173029][T10726] EXT4-fs error (device loop3): ext4_map_blocks:745: inode #15: block 8: comm syz.3.1628: lblock 8 mapped to illegal pblock 8 (length 1)
[  399.220425][T10726] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 1 with error 117
[  399.247597][T10726] EXT4-fs (loop3): This should not happen!! Data will be lost
[  399.247597][T10726] 
[  399.283133][T10726] EXT4-fs error (device loop3): ext4_map_blocks:635: inode #15: block 8: comm syz.3.1628: lblock 8 mapped to illegal pblock 8 (length 1)
[  399.298666][ T4329] rc_core: IR keymap rc-hauppauge not found
[  399.298716][ T4329] Registered IR keymap rc-empty
[  399.301395][ T4329] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  399.339296][T10726] EXT4-fs error (device loop3): ext4_ext_remove_space:2930: inode #15: comm syz.3.1628: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[  399.380282][ T4329] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  399.432660][ T4329] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0
[  399.448677][ T5206] asix 6-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  399.469938][ T5206] asix 6-1:0.0 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9
[  399.493933][ T4329] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0/input32
[  399.508758][   T34] EXT4-fs error (device loop3): ext4_map_blocks:745: inode #15: block 1: comm kworker/u4:2: lblock 1 mapped to illegal pblock 1 (length 7)
[  399.515708][ T5206] asix: probe of 6-1:0.0 failed with error -71
[  399.539373][ T4329] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  399.559324][ T5206] usb 6-1: USB disconnect, device number 18
[  399.564029][   T34] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 7 with error 117
[  399.584040][ T4329] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  399.625247][   T34] EXT4-fs (loop3): This should not happen!! Data will be lost
[  399.625247][   T34] 
[  399.635574][ T4329] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  399.667862][ T4266] EXT4-fs (loop3): unmounting filesystem.
[  399.675282][ T4329] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  399.705313][ T4329] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  399.745569][ T4329] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  399.800856][ T4329] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  399.848701][ T4329] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  399.860600][T10740] loop3: detected capacity change from 0 to 1024
[  399.887209][ T4329] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  399.898940][T10740] hfsplus: request for non-existent node 327680 in B*Tree
[  399.909595][T10740] hfsplus: request for non-existent node 327680 in B*Tree
[  399.935118][ T4329] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  399.976102][ T4329] mceusb 2-1:0.0: Registered 424242424242 with mce emulator interface version 1
[  400.015805][ T4329] mceusb 2-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  400.063093][ T4329] usb 2-1: USB disconnect, device number 5
[  400.250223][T10759] vcan0: tx drop: invalid sa for name 0x0000000000000001
[  400.300165][T10762] loop3: detected capacity change from 0 to 64
[  400.508358][   T26] audit: type=1804 audit(1753321021.653:162): pid=10765 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.1634" name=2F6E6577726F6F742F3336382F66696C65302FF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF
[  400.807296][   T26] audit: type=1326 audit(1753321021.953:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10780 comm="syz.5.1640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ba938e9a9 code=0x7ffc0000
[  400.894920][    C1] vkms_vblank_simulate: vblank timer overrun
[  400.918132][    C1] vkms_vblank_simulate: vblank timer overrun
[  401.328345][   T14] usb 10-1: new high-speed USB device number 10 using dummy_hcd
[  401.484768][T10798] block device autoloading is deprecated and will be removed.
[  401.535076][   T14] usb 10-1: Using ep0 maxpacket: 16
[  401.542172][   T14] usb 10-1: config 0 has an invalid interface number: 8 but max is 0
[  401.565154][   T14] usb 10-1: config 0 has no interface number 0
[  401.581728][   T14] usb 10-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 208, changing to 11
[  401.655152][   T14] usb 10-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid maxpacket 25296, setting to 1024
[  401.684091][T10810] loop3: detected capacity change from 0 to 512
[  401.703649][   T14] usb 10-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[  401.713678][T10810] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  401.733380][   T14] usb 10-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  401.746265][T10810] EXT4-fs (loop3): orphan cleanup on readonly fs
[  401.767748][   T14] usb 10-1: Product: syz
[  401.772051][T10810] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.1648: bg 0: block 248: padding at end of block bitmap is not set
[  401.772081][   T14] usb 10-1: SerialNumber: syz
[  401.795716][T10810] Quota error (device loop3): write_blk: dquota write failed
[  401.812191][T10810] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[  401.849385][T10810] EXT4-fs error (device loop3): ext4_acquire_dquot:6814: comm syz.3.1648: Failed to acquire dquot type 1
[  401.874832][   T14] usb 10-1: config 0 descriptor??
[  401.893895][   T14] cm109 10-1:0.8: invalid payload size 1024, expected 4
[  401.920634][T10810] EXT4-fs (loop3): 1 truncate cleaned up
[  401.931701][   T14] input: CM109 USB driver as /devices/platform/dummy_hcd.9/usb10/10-1/10-1:0.8/input/input33
[  401.969457][T10810] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  402.007415][ T5205] usb 6-1: new high-speed USB device number 19 using dummy_hcd
[  402.201839][T10788] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  402.219058][T10788] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  402.227083][ T5205] usb 6-1: Using ep0 maxpacket: 16
[  402.234914][ T5205] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 194, changing to 11
[  402.285106][ T5205] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59021, setting to 1024
[  402.325132][ T5205] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  402.354218][ T5205] usb 6-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  402.404237][ T5205] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  402.436782][ T5205] usb 6-1: config 0 descriptor??
[  402.443913][T10813] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[  402.481288][    C0] cm109 10-1:0.8: cm109_urb_irq_callback: urb status -71
[  402.489873][    C0] cm109 10-1:0.8: cm109_urb_ctl_callback: urb status -71
[  402.499430][    C0] cm109 10-1:0.8: cm109_urb_ctl_callback: urb status -71
[  402.515111][    C0] cm109 10-1:0.8: cm109_urb_ctl_callback: urb status -71
[  402.522521][ T4277] usb 10-1: USB disconnect, device number 10
[  402.529469][    C0] cm109 10-1:0.8: cm109_urb_ctl_callback: urb status -71
[  402.536591][    C0] cm109 10-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19
[  402.552968][ T4277] cm109 10-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19
[  402.793079][T10810] EXT4-fs error (device loop3): ext4_lookup:1858: inode #15: comm syz.3.1648: iget: bad i_size value: 360287970189639690
[  402.855160][   T14] usb 9-1: new high-speed USB device number 12 using dummy_hcd
[  402.877497][ T5205] HID 045e:07da: Invalid code 65791 type 1
[  402.900851][ T5205] input: HID 045e:07da as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:045E:07DA.0017/input/input34
[  402.940554][ T5205] microsoft 0003:045E:07DA.0017: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.5-1/input0
[  403.065173][   T14] usb 9-1: Using ep0 maxpacket: 32
[  403.072289][   T14] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  403.085712][ T4266] EXT4-fs (loop3): unmounting filesystem.
[  403.099293][   T14] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  403.151994][   T14] usb 9-1: New USB device found, idVendor=0458, idProduct=0087, bcdDevice= 0.00
[  403.175021][   T14] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  403.185055][ T4277] usb 6-1: USB disconnect, device number 19
[  403.216097][   T14] usb 9-1: config 0 descriptor??
[  403.380516][T10856] device syzkaller1 entered promiscuous mode
[  403.643956][   T14] kye 0003:0458:0087.0018: unknown main item tag 0x0
[  403.659379][   T14] kye 0003:0458:0087.0018: unknown main item tag 0x0
[  403.673594][   T14] kye 0003:0458:0087.0018: hidraw0: USB HID v0.00 Device [HID 0458:0087] on usb-dummy_hcd.8-1/input0
[  403.855135][   T14] usb 9-1: USB disconnect, device number 12
[  404.261923][T10862] loop1: detected capacity change from 0 to 32768
[  404.278863][T10862] ERROR: (device loop1): jfs_readdir: JFS:Dtree error: ino = 2, bn=0, index = 1
[  404.278863][T10862] 
[  404.610743][T10892] device batadv_slave_1 entered promiscuous mode
[  404.630128][T10891] device batadv_slave_1 left promiscuous mode
[  405.133869][T10906] input: syz0 as /devices/virtual/input/input35
[  405.669301][T10901] loop3: detected capacity change from 0 to 32768
[  406.317879][T10937] loop3: detected capacity change from 0 to 128
[  406.359748][T10908] loop9: detected capacity change from 0 to 40427
[  406.383207][T10908] F2FS-fs (loop9): Insane cp_payload (553648128 >= 504)
[  406.413657][T10908] F2FS-fs (loop9): Can't find valid F2FS filesystem in 1th superblock
[  406.442995][T10908] F2FS-fs (loop9): build fault injection attr: rate: 17008, type: 0x3ffff
[  406.471916][T10908] F2FS-fs (loop9): build fault injection attr: rate: 0, type: 0x6
[  406.496189][T10908] F2FS-fs (loop9): build fault injection attr: rate: 0, type: 0x5
[  406.548457][T10908] F2FS-fs (loop9): invalid crc value
[  406.572056][T10908] F2FS-fs (loop9): Found nat_bits in checkpoint
[  406.744326][T10908] F2FS-fs (loop9): Try to recover 1th superblock, ret: 0
[  406.774382][T10908] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e5
[  407.082331][T10963] loop3: detected capacity change from 0 to 1024
[  407.098772][ T7277] syz-executor: attempt to access beyond end of device
[  407.098772][ T7277] loop9: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  407.173232][T10963] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  407.235332][T10963] ext4 filesystem being mounted at /377/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  407.343306][T10963] EXT4-fs error (device loop3): ext4_map_blocks:745: inode #15: block 3: comm syz.3.1692: lblock 3 mapped to illegal pblock 3 (length 13)
[  407.479212][T10963] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 13 with error 117
[  407.512869][T10963] EXT4-fs (loop3): This should not happen!! Data will be lost
[  407.512869][T10963] 
[  407.553909][T10974] EXT4-fs error (device loop3): ext4_map_blocks:635: inode #15: block 3: comm syz.3.1692: lblock 3 mapped to illegal pblock 3 (length 1)
[  407.623965][T10961] EXT4-fs error (device loop3): ext4_map_blocks:635: inode #15: block 3: comm syz.3.1692: lblock 3 mapped to illegal pblock 3 (length 1)
[  407.669942][T10974] EXT4-fs error (device loop3): ext4_map_blocks:635: inode #15: block 3: comm syz.3.1692: lblock 3 mapped to illegal pblock 3 (length 1)
[  407.715221][ T4329] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  407.731510][T10961] EXT4-fs error (device loop3): ext4_map_blocks:635: inode #15: block 3: comm syz.3.1692: lblock 3 mapped to illegal pblock 3 (length 1)
[  407.787273][T10961] EXT4-fs error (device loop3): ext4_map_blocks:635: inode #15: block 3: comm syz.3.1692: lblock 3 mapped to illegal pblock 3 (length 1)
[  407.838788][T10974] EXT4-fs error (device loop3): ext4_map_blocks:635: inode #15: block 3: comm syz.3.1692: lblock 3 mapped to illegal pblock 3 (length 1)
[  407.863996][T10961] EXT4-fs error (device loop3): ext4_map_blocks:635: inode #15: block 3: comm syz.3.1692: lblock 3 mapped to illegal pblock 3 (length 1)
[  407.881895][T10974] EXT4-fs error (device loop3): ext4_map_blocks:635: inode #15: block 3: comm syz.3.1692: lblock 3 mapped to illegal pblock 3 (length 1)
[  407.897565][T10961] EXT4-fs error (device loop3): ext4_map_blocks:635: inode #15: block 3: comm syz.3.1692: lblock 3 mapped to illegal pblock 3 (length 1)
[  407.947106][ T4329] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  407.967891][ T4329] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  407.979705][ T4329] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  407.993684][ T4329] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  408.044022][ T4329] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  408.098074][ T4329] usb 2-1: config 0 descriptor??
[  408.245274][ T5205] usb 10-1: new high-speed USB device number 11 using dummy_hcd
[  408.408694][ T4266] EXT4-fs (loop3): unmounting filesystem.
[  408.454303][ T5205] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 2
[  408.490566][ T5205] usb 10-1: config 1 has no interface number 0
[  408.513555][ T4329] plantronics 0003:047F:FFFF.0019: unknown main item tag 0xd
[  408.522338][ T5205] usb 10-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  408.547515][ T4329] plantronics 0003:047F:FFFF.0019: No inputs registered, leaving
[  408.560040][ T5205] usb 10-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping
[  408.576339][ T4329] plantronics 0003:047F:FFFF.0019: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  408.595380][ T5205] usb 10-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid maxpacket 56184, setting to 1024
[  408.622239][ T5205] usb 10-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 1024
[  408.644342][ T5205] usb 10-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  408.659557][ T5205] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  408.677848][ T5205] usb 10-1: Product: syz
[  408.692984][ T5205] usb 10-1: Manufacturer: syz
[  408.703554][ T5205] usb 10-1: SerialNumber: syz
[  408.757196][T11003] loop3: detected capacity change from 0 to 512
[  408.797952][ T4699] usb 2-1: USB disconnect, device number 6
[  408.800120][T11006] sctp: [Deprecated]: syz.8.1702 (pid 11006) Use of struct sctp_assoc_value in delayed_ack socket option.
[  408.800120][T11006] Use struct sctp_sack_info instead
[  408.857141][T11003] EXT4-fs (loop3): 1 orphan inode deleted
[  408.863284][T11003] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  408.873068][T11003] ext4 filesystem being mounted at /379/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  408.950788][T10987] raw-gadget.1 gadget.9: fail, usb_ep_enable returned -22
[  408.989008][ T4266] EXT4-fs (loop3): unmounting filesystem.
[  409.131809][T11012] loop8: detected capacity change from 0 to 4096
[  409.290409][T11018] loop6: detected capacity change from 0 to 8
[  409.306071][   T14] hid-generic 0000:3000000:0000.001A: unknown main item tag 0x4
[  409.325591][T11018] Dev loop6: unable to read RDB block 8
[  409.331277][T11018]  loop6: unable to read partition table
[  409.334308][   T14] hid-generic 0000:3000000:0000.001A: unknown main item tag 0x2
[  409.375189][   T14] hid-generic 0000:3000000:0000.001A: unknown main item tag 0x0
[  409.386137][T11018] loop6: partition table beyond EOD, truncated
[  409.397677][   T14] hid-generic 0000:3000000:0000.001A: unknown main item tag 0x0
[  409.413861][T11018] loop_reread_partitions: partition scan of loop6 (þ被xü—ŸÑà– ) failed (rc=-5)
[  409.422558][   T14] hid-generic 0000:3000000:0000.001A: unknown main item tag 0x0
[  409.449356][   T14] hid-generic 0000:3000000:0000.001A: unknown main item tag 0x0
[  409.472105][   T14] hid-generic 0000:3000000:0000.001A: unknown main item tag 0x0
[  409.499989][   T14] hid-generic 0000:3000000:0000.001A: unknown main item tag 0x0
[  409.529669][   T14] hid-generic 0000:3000000:0000.001A: unknown main item tag 0x0
[  409.550845][   T14] hid-generic 0000:3000000:0000.001A: unknown main item tag 0x0
[  409.573071][   T14] hid-generic 0000:3000000:0000.001A: unknown main item tag 0x0
[  409.575351][T10987] raw-gadget.1 gadget.9: fail, usb_ep_enable returned -22
[  409.593915][   T14] hid-generic 0000:3000000:0000.001A: unknown main item tag 0x0
[  409.614161][   T14] hid-generic 0000:3000000:0000.001A: unknown main item tag 0x0
[  409.623346][   T14] hid-generic 0000:3000000:0000.001A: unknown main item tag 0x0
[  409.624379][ T5205] cdc_ncm 10-1:1.1: bind() failure
[  409.631304][   T14] hid-generic 0000:3000000:0000.001A: unknown main item tag 0x0
[  409.631339][   T14] hid-generic 0000:3000000:0000.001A: unknown main item tag 0x0
[  409.657535][   T14] hid-generic 0000:3000000:0000.001A: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  409.771509][T11031] loop1: detected capacity change from 0 to 512
[  409.796914][T11031] EXT4-fs (loop1): can't mount with both data=journal and dax
[  409.863054][ T5205] usb 10-1: USB disconnect, device number 11
[  409.955111][ T5206] usb 6-1: new high-speed USB device number 20 using dummy_hcd
[  410.045224][ T4329] usb 9-1: new high-speed USB device number 13 using dummy_hcd
[  410.135061][ T5206] usb 6-1: Using ep0 maxpacket: 32
[  410.142199][ T5206] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  410.166661][ T5206] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  410.182034][ T5206] usb 6-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  410.192494][ T5206] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  410.202723][ T5206] usb 6-1: config 0 descriptor??
[  410.235221][ T4329] usb 9-1: Using ep0 maxpacket: 16
[  410.243661][ T4329] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  410.269254][ T4329] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  410.292515][ T4329] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  410.322357][ T4329] usb 9-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  410.345893][ T4329] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  410.370486][ T4329] usb 9-1: config 0 descriptor??
[  410.380791][T11052] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1715'.
[  410.622577][ T5206] ft260 0003:0403:6030.001B: unknown main item tag 0x0
[  410.654388][ T5206] ft260 0003:0403:6030.001B: hidraw0: USB HID v0.00 Device [HID 0403:6030] on usb-dummy_hcd.5-1/input0
[  410.817928][ T4329] microsoft 0003:045E:07DA.001C: No inputs registered, leaving
[  410.826635][ T5206] ft260 0003:0403:6030.001B: chip code: 6424 8183
[  410.829539][T11065] overlayfs: failed to set xattr on upper
[  410.860795][ T4329] microsoft 0003:045E:07DA.001C: hidraw1: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.8-1/input0
[  410.865850][T11065] overlayfs: ...falling back to index=off,metacopy=off.
[  410.880826][ T4329] microsoft 0003:045E:07DA.001C: no inputs found
[  410.888064][ T4329] microsoft 0003:045E:07DA.001C: could not initialize ff, continuing anyway
[  410.928145][T11070] device pim6reg1 entered promiscuous mode
[  411.041596][ T4699] usb 9-1: USB disconnect, device number 13
[  411.436585][ T5206] ft260 0003:0403:6030.001B: failed to reset I2C controller: -71
[  411.480989][ T5206] usb 6-1: USB disconnect, device number 20
[  411.829005][T11101] loop1: detected capacity change from 0 to 512
[  411.878405][T11101] EXT4-fs warning (device loop1): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  411.891867][T11101] EXT4-fs warning (device loop1): dx_probe:881: Enable large directory feature to access it
[  411.904523][T11101] EXT4-fs warning (device loop1): dx_probe:966: inode #2: comm syz.1.1729: Corrupt directory, running e2fsck is recommended
[  411.920261][T11101] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -117
[  411.935486][T11101] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2195: inode #15: comm syz.1.1729: corrupted in-inode xattr
[  411.965064][T11101] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.1729: couldn't read orphan inode 15 (err -117)
[  411.998569][T11101] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  412.026009][T11101] EXT4-fs warning (device loop1): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  412.082537][T11101] EXT4-fs warning (device loop1): dx_probe:881: Enable large directory feature to access it
[  412.082804][T11109] EXT4-fs warning (device loop1): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  412.167259][T11101] EXT4-fs warning (device loop1): dx_probe:966: inode #2: comm syz.1.1729: Corrupt directory, running e2fsck is recommended
[  412.181135][T11109] EXT4-fs warning (device loop1): dx_probe:881: Enable large directory feature to access it
[  412.201088][T11115] loop9: detected capacity change from 0 to 256
[  412.241069][T11109] EXT4-fs warning (device loop1): dx_probe:966: inode #2: comm syz.1.1729: Corrupt directory, running e2fsck is recommended
[  412.260804][T11113] EXT4-fs warning (device loop1): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  412.303399][T11115] exFAT-fs (loop9): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d)
[  412.328530][T11115] exFAT-fs (loop9): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  412.329666][T11113] EXT4-fs warning (device loop1): dx_probe:881: Enable large directory feature to access it
[  412.461849][T11113] EXT4-fs warning (device loop1): dx_probe:966: inode #2: comm syz.1.1729: Corrupt directory, running e2fsck is recommended
[  412.523794][T11101] EXT4-fs warning (device loop1): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  412.751631][T10023] EXT4-fs (loop1): unmounting filesystem.
[  412.897325][T11134] loop1: detected capacity change from 0 to 512
[  412.946419][T11134] EXT4-fs: Ignoring removed orlov option
[  412.985874][T11134] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  413.020842][T11134] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[  413.041971][T11134] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2195: inode #15: comm syz.1.1737: corrupted in-inode xattr
[  413.065639][T11134] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.1737: couldn't read orphan inode 15 (err -117)
[  413.079601][T11144] loop8: detected capacity change from 0 to 1024
[  413.088107][T11134] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  413.136544][T11144] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  413.208702][   T46] Bluetooth: hci4: Frame reassembly failed (-84)
[  413.248523][T11144] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  413.268541][T10023] EXT4-fs (loop1): unmounting filesystem.
[  413.274570][T11144] ext4 filesystem being mounted at /98/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  413.413693][T11144] EXT4-fs error (device loop8): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  413.472511][T11144] EXT4-fs (loop8): Remounting filesystem read-only
[  413.496196][ T4362] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  413.636303][ T8729] EXT4-fs (loop8): unmounting filesystem.
[  413.656399][ T4362] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  413.855536][ T4362] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  414.063277][ T4362] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  414.386417][ T4268] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  414.401497][ T4268] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  414.411825][ T4268] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  414.423597][ T4268] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  414.440788][ T4268] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  414.462639][T11179] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  414.923717][T11192] loop3: detected capacity change from 0 to 256
[  414.932819][T11192] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  414.970696][T11192] exFAT-fs (loop3): Medium has reported failures. Some data may be lost.
[  415.019060][T11192] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x51b0ce3e, utbl_chksum : 0xe619d30d)
[  415.265571][ T4281] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  415.555872][T11178] chnl_net:caif_netlink_parms(): no params data found
[  415.583347][T11209] loop5: detected capacity change from 0 to 1024
[  415.743636][T11209] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  415.811730][T11220] loop1: detected capacity change from 0 to 256
[  415.995265][T11220] loop1: detected capacity change from 256 to 0
[  416.006798][    C1] I/O error, dev loop1, sector 12 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  416.021671][T11231] FAT-fs (loop1): Directory bread(block 3) failed
[  416.064366][ T4890] EXT4-fs (loop5): unmounting filesystem.
[  416.074002][T11178] bridge0: port 1(bridge_slave_0) entered blocking state
[  416.105186][T11178] bridge0: port 1(bridge_slave_0) entered disabled state
[  416.113571][T11178] device bridge_slave_0 entered promiscuous mode
[  416.115124][    C0] I/O error, dev loop1, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  416.129672][T11231] FAT-fs (loop1): FAT read failed (blocknr 1)
[  416.238798][    C1] I/O error, dev loop1, sector 12 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  416.248188][T10023] FAT-fs (loop1): Directory bread(block 3) failed
[  416.272271][T11178] bridge0: port 2(bridge_slave_1) entered blocking state
[  416.307008][T11178] bridge0: port 2(bridge_slave_1) entered disabled state
[  416.330745][T11178] device bridge_slave_1 entered promiscuous mode
[  416.362091][    C0] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  416.375800][T10023] FAT-fs (loop1): unable to read boot sector to mark fs as dirty
[  416.524089][T11241] loop5: detected capacity change from 0 to 2048
[  416.555755][ T4281] Bluetooth: hci5: command 0x0409 tx timeout
[  416.736950][T11241] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  417.110961][ T4277] kernel write not supported for file bpf-prog (pid: 4277 comm: kworker/0:4)
[  417.141483][ T4890] EXT4-fs (loop5): unmounting filesystem.
[  417.234773][T11178] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  417.354379][T11178] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  417.450910][T11269] loop3: detected capacity change from 0 to 256
[  417.555652][T11269] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  417.837859][T11262] loop8: detected capacity change from 0 to 131072
[  417.845781][T11262] F2FS-fs (loop8): Wrong CP boundary, start(512) end(1536) blocks(0)
[  417.853966][T11262] F2FS-fs (loop8): Can't find valid F2FS filesystem in 1th superblock
[  417.863854][T11262] F2FS-fs (loop8): invalid crc value
[  417.917017][T11262] F2FS-fs (loop8): Found nat_bits in checkpoint
[  417.972134][T11262] F2FS-fs (loop8): Try to recover 1th superblock, ret: 0
[  417.979370][T11262] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e4
[  418.060423][T11178] team0: Port device team_slave_0 added
[  418.069196][T11178] team0: Port device team_slave_1 added
[  418.123940][T11278] loop3: detected capacity change from 0 to 1024
[  418.205139][T11178] batman_adv: batadv0: Adding interface: batadv_slave_0
[  418.212704][T11178] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  418.216266][T11278] EXT4-fs: Ignoring removed oldalloc option
[  418.238837][    C1] vkms_vblank_simulate: vblank timer overrun
[  418.252488][T11178] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  418.295544][ T4362] device hsr_slave_0 left promiscuous mode
[  418.302254][ T4362] device hsr_slave_1 left promiscuous mode
[  418.327753][ T4362] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  418.332572][T11278] EXT4-fs: Ignoring removed bh option
[  418.348089][ T4362] batman_adv: batadv0: Removing interface: batadv_slave_0
[  418.375704][T11278] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  418.407172][ T4362] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  418.425785][ T4362] batman_adv: batadv0: Removing interface: batadv_slave_1
[  418.435217][ T4362] device bridge_slave_1 left promiscuous mode
[  418.457095][ T4362] bridge0: port 2(bridge_slave_1) entered disabled state
[  418.473811][T11278] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  418.503249][ T4362] device bridge_slave_0 left promiscuous mode
[  418.561933][ T4362] bridge0: port 1(bridge_slave_0) entered disabled state
[  418.635169][ T4281] Bluetooth: hci5: command 0x041b tx timeout
[  418.655256][ T4362] device veth1_macvtap left promiscuous mode
[  418.661388][ T4362] device veth0_macvtap left promiscuous mode
[  418.668427][T11278] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3841: comm syz.3.1773: Allocating blocks 497-513 which overlap fs metadata
[  418.699092][ T4362] device veth1_vlan left promiscuous mode
[  418.727216][T11278] EXT4-fs (loop3): pa ffff88807245f9a0: logic 256, phys. 385, len 8
[  418.736547][T11278] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 1
[  418.745233][ T4362] device veth0_vlan left promiscuous mode
[  418.879117][ T4284] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  418.898720][ T4284] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  418.910688][ T4284] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  418.922869][ T4284] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  418.930737][ T4284] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  418.938422][ T4284] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  419.131730][ T4266] EXT4-fs (loop3): unmounting filesystem.
[  420.007045][ T4362] team0 (unregistering): Port device team_slave_1 removed
[  420.092057][ T4362] team0 (unregistering): Port device team_slave_0 removed
[  420.239287][T11310] loop5: detected capacity change from 0 to 8
[  420.262196][ T4362] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  420.279567][ T4362] device bond_slave_1 left promiscuous mode
[  420.379492][ T4362] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  420.399850][ T4362] device bond_slave_0 left promiscuous mode
[  420.611200][ T4277] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  420.706186][ T4281] Bluetooth: hci5: command 0x040f tx timeout
[  420.839311][ T4277] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  420.878032][ T4277] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  420.888288][ T4277] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  420.915864][ T4277] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  420.932179][ T4277] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  420.942279][ T4277] usb 4-1: config 0 descriptor??
[  420.949634][    C1] vkms_vblank_simulate: vblank timer overrun
[  420.999398][    C1] vkms_vblank_simulate: vblank timer overrun
[  421.025327][ T4281] Bluetooth: hci3: command 0x0409 tx timeout
[  421.390782][ T4277] plantronics 0003:047F:FFFF.001D: No inputs registered, leaving
[  421.401213][ T4277] plantronics 0003:047F:FFFF.001D: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  421.479653][T11319] loop5: detected capacity change from 0 to 32768
[  421.741924][T11319] XFS (loop5): Mounting V5 Filesystem
[  421.744009][ T4362] bond0 (unregistering): Released all slaves
[  421.830108][T11178] batman_adv: batadv0: Adding interface: batadv_slave_1
[  421.835793][T11319] XFS (loop5): Ending clean mount
[  421.849794][T11178] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  421.876154][T11178] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  421.907445][T11295] netlink: 'syz.8.1774': attribute type 12 has an invalid length.
[  421.927053][T11295] netlink: 'syz.8.1774': attribute type 29 has an invalid length.
[  421.936412][T11295] netlink: 148 bytes leftover after parsing attributes in process `syz.8.1774'.
[  421.947850][T11295] netlink: 'syz.8.1774': attribute type 1 has an invalid length.
[  422.047126][T11178] device hsr_slave_0 entered promiscuous mode
[  422.092777][T11178] device hsr_slave_1 entered promiscuous mode
[  422.114734][ T4890] XFS (loop5): Unmounting Filesystem
[  422.115244][T11178] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  422.120599][T11178] Cannot create hsr debugfs directory
[  422.243742][ T4329] usb 4-1: USB disconnect, device number 18
[  422.786431][ T4281] Bluetooth: hci5: command 0x0419 tx timeout
[  423.106625][T11179] Bluetooth: hci3: command 0x041b tx timeout
[  423.141975][T11290] chnl_net:caif_netlink_parms(): no params data found
[  423.164107][T11333] loop8: detected capacity change from 0 to 32768
[  423.220532][T11333] XFS (loop8): Mounting V5 Filesystem
[  423.396637][T11333] XFS (loop8): Ending clean mount
[  423.595526][ T8729] XFS (loop8): Unmounting Filesystem
[  424.030396][ T4362] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  424.070363][T11290] bridge0: port 1(bridge_slave_0) entered blocking state
[  424.085130][T11290] bridge0: port 1(bridge_slave_0) entered disabled state
[  424.142101][T11290] device bridge_slave_0 entered promiscuous mode
[  424.270744][T11368] loop5: detected capacity change from 0 to 512
[  424.282100][ T4362] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  424.286996][T11368] EXT4-fs: Ignoring removed bh option
[  424.304049][T11368] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem
[  424.321724][T11290] bridge0: port 2(bridge_slave_1) entered blocking state
[  424.329234][T11290] bridge0: port 2(bridge_slave_1) entered disabled state
[  424.345336][T11290] device bridge_slave_1 entered promiscuous mode
[  424.372420][T11368] EXT4-fs (loop5): 1 truncate cleaned up
[  424.385321][T11368] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  424.550956][ T4362] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  424.579034][T11290] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  424.682335][ T4362] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  424.704442][T11290] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  424.926141][T11290] team0: Port device team_slave_0 added
[  424.974253][T11290] team0: Port device team_slave_1 added
[  425.012635][ T4890] EXT4-fs (loop5): unmounting filesystem.
[  425.135181][   T14] usb 9-1: new high-speed USB device number 14 using dummy_hcd
[  425.156954][T11178] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  425.182751][T11178] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  425.189701][T11179] Bluetooth: hci3: command 0x040f tx timeout
[  425.240635][T11290] batman_adv: batadv0: Adding interface: batadv_slave_0
[  425.248757][T11290] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  425.321991][T11290] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  425.335514][   T14] usb 9-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  425.344246][   T14] usb 9-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  425.364891][T11178] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  425.377521][   T14] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 66
[  425.387105][   T14] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  425.388749][T11384] loop5: detected capacity change from 0 to 1024
[  425.398637][   T14] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  425.426613][   T14] usb 9-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  425.437097][   T14] usb 9-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  425.445619][   T14] usb 9-1: Product: syz
[  425.449869][   T14] usb 9-1: Manufacturer: syz
[  425.458857][   T14] cdc_wdm 9-1:1.0: skipping garbage
[  425.466437][   T14] cdc_wdm 9-1:1.0: skipping garbage
[  425.473059][   T14] cdc_wdm 9-1:1.0: cdc-wdm0: USB WDM device
[  425.473409][T11384] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  425.484673][   T14] cdc_wdm 9-1:1.0: Unknown control protocol
[  425.520538][T11290] batman_adv: batadv0: Adding interface: batadv_slave_1
[  425.527926][T11290] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  425.564202][T11290] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  425.588978][T11178] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  425.698220][   T14] usb 9-1: USB disconnect, device number 14
[  425.850286][T11290] device hsr_slave_0 entered promiscuous mode
[  425.876719][T11290] device hsr_slave_1 entered promiscuous mode
[  425.892365][T11290] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  425.900286][T11290] Cannot create hsr debugfs directory
[  426.159153][T11178] 8021q: adding VLAN 0 to HW filter on device bond0
[  426.225299][ T7345] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  426.245392][ T7345] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  426.314187][T11178] 8021q: adding VLAN 0 to HW filter on device team0
[  426.382125][ T7345] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  426.406387][ T7345] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  426.421459][ T7345] bridge0: port 1(bridge_slave_0) entered blocking state
[  426.428684][ T7345] bridge0: port 1(bridge_slave_0) entered forwarding state
[  426.482784][ T7345] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  426.591302][ T7345] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  426.622359][ T7345] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  426.647834][ T7345] bridge0: port 2(bridge_slave_1) entered blocking state
[  426.655081][ T7345] bridge0: port 2(bridge_slave_1) entered forwarding state
[  426.682747][ T7345] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  426.708715][ T7345] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  426.980399][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  427.012216][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  427.086642][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  427.265862][T11179] Bluetooth: hci3: command 0x0419 tx timeout
[  427.334322][ T7345] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  427.360984][ T7345] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  427.542032][T11398] loop5: detected capacity change from 0 to 32768
[  427.582660][T11178] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  427.595518][T11178] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  427.623040][ T7345] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  427.645921][ T7345] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  427.660489][T11398] ERROR: (device loop5): jfs_readdir: JFS:Dtree error: ino = 2, bn=0, index = 4
[  427.660489][T11398] 
[  427.665941][ T7345] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  427.683122][T11398] ERROR: (device loop5): remounting filesystem as read-only
[  427.693380][T11398] ERROR: (device loop5): jfs_readdir: JFS:Dtree error: ino = 2, bn=0, index = 4
[  427.693380][T11398] 
[  427.715890][ T7345] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  427.730475][ T7345] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  428.313906][T11424] loop3: detected capacity change from 0 to 256
[  428.479237][T11427] loop5: detected capacity change from 0 to 128
[  428.497150][ T4362] device hsr_slave_0 left promiscuous mode
[  428.512487][ T4362] device hsr_slave_1 left promiscuous mode
[  428.527514][ T4362] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  428.542492][ T4362] batman_adv: batadv0: Removing interface: batadv_slave_0
[  428.543520][T11427] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  428.562560][ T4362] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  428.570305][ T4362] batman_adv: batadv0: Removing interface: batadv_slave_1
[  428.570378][T11427] ext4 filesystem being mounted at /368/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  428.609425][    C0] vkms_vblank_simulate: vblank timer overrun
[  428.616526][ T4362] device bridge_slave_1 left promiscuous mode
[  428.622781][ T4362] bridge0: port 2(bridge_slave_1) entered disabled state
[  428.644738][ T4362] device bridge_slave_0 left promiscuous mode
[  428.652955][ T4362] bridge0: port 1(bridge_slave_0) entered disabled state
[  428.698196][ T4362] device veth1_macvtap left promiscuous mode
[  428.704441][ T4362] device veth0_macvtap left promiscuous mode
[  428.716197][ T4890] EXT4-fs (loop5): unmounting filesystem.
[  428.722213][ T4362] device veth1_vlan left promiscuous mode
[  428.728669][ T4362] device veth0_vlan left promiscuous mode
[  429.666514][   T26] audit: type=1326 audit(1753321050.813:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11442 comm="syz.5.1823" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ba938e9a9 code=0x7fc00000
[  430.354235][   T26] audit: type=1326 audit(1753321051.493:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11442 comm="syz.5.1823" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ba938e9a9 code=0x7fc00000
[  430.873650][ T4362] team0 (unregistering): Port device team_slave_1 removed
[  431.022814][ T4362] team0 (unregistering): Port device team_slave_0 removed
[  431.157571][ T4362] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  431.256800][ T4362] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  432.539900][ T4362] bond0 (unregistering): Released all slaves
[  432.666523][T11518] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1833'.
[  432.756496][T11178] 8021q: adding VLAN 0 to HW filter on device batadv0
[  432.775263][T11449] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  432.782834][T11449] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  432.856258][T11449] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  432.883768][T11449] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  432.974764][T11290] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  433.014294][T11290] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  433.048531][T11290] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  433.087666][T11460] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  433.104588][T11460] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  433.143734][T11178] device veth0_vlan entered promiscuous mode
[  433.180466][T11290] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  433.191057][T11460] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  433.242729][T11460] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  433.256953][T11178] device veth1_vlan entered promiscuous mode
[  433.369260][T11178] device veth0_macvtap entered promiscuous mode
[  433.425871][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  433.463265][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  433.486012][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  433.498032][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  433.521488][T11178] device veth1_macvtap entered promiscuous mode
[  433.565514][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  433.573965][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  433.662866][T11178] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  433.695007][T11178] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  433.725114][T11178] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  433.745254][T11178] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  433.765178][T11178] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  433.770656][T11529] loop8: detected capacity change from 0 to 32768
[  433.785934][T11178] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  433.790392][T11529] BTRFS: device fsid 3d39d0ba-bdae-447e-827b-b091e1a68885 devid 1 transid 8 /dev/loop8 scanned by syz.8.1837 (11529)
[  433.801699][T11178] batman_adv: batadv0: Interface activated: batadv_slave_0
[  433.824491][T11529] BTRFS info (device loop8): first mount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[  433.851664][ T4347] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  433.856402][T11529] BTRFS info (device loop8): using crc32c (crc32c-intel) checksum algorithm
[  433.863922][ T4347] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  433.874931][T11529] BTRFS info (device loop8): using free space tree
[  433.898035][T11178] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  433.924999][T11178] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  433.936354][T11178] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  433.945675][T11535] loop5: detected capacity change from 0 to 32768
[  433.947391][T11178] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  433.963485][T11178] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  433.974872][T11178] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  433.980627][T11535] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 scanned by syz.5.1839 (11535)
[  433.987520][T11178] batman_adv: batadv0: Interface activated: batadv_slave_1
[  434.016013][T11178] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  434.025036][T11178] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  434.033913][T11178] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  434.043677][T11178] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  434.054763][ T4347] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  434.071980][ T4347] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  434.097007][T11535] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  434.114887][T11535] BTRFS info (device loop5): using sha256 (sha256-avx2) checksum algorithm
[  434.124442][T11290] 8021q: adding VLAN 0 to HW filter on device bond0
[  434.124521][T11529] BTRFS info (device loop8): enabling ssd optimizations
[  434.139595][T11535] BTRFS info (device loop5): force clearing of disk cache
[  434.195420][T11535] BTRFS info (device loop5): enabling auto defrag
[  434.229047][T11535] BTRFS info (device loop5): max_inline at 0
[  434.246373][ T4347] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  434.262369][ T4347] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  434.271922][T11535] BTRFS info (device loop5): enabling disk space caching
[  434.278456][T11290] 8021q: adding VLAN 0 to HW filter on device team0
[  434.325384][T11535] BTRFS info (device loop5): disk space caching is enabled
[  434.369823][ T4347] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  434.390103][ T4347] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  434.474608][ T4347] bridge0: port 1(bridge_slave_0) entered blocking state
[  434.482051][ T4347] bridge0: port 1(bridge_slave_0) entered forwarding state
[  434.531869][ T8729] BTRFS info (device loop8): last unmount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[  434.542975][T11535] BTRFS info (device loop5): enabling ssd optimizations
[  434.562896][ T4347] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  434.582342][T11535] BTRFS info (device loop5): rebuilding free space tree
[  434.606339][T11491] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  434.624116][T11491] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  434.664392][T11491] bridge0: port 2(bridge_slave_1) entered blocking state
[  434.671626][T11491] bridge0: port 2(bridge_slave_1) entered forwarding state
[  434.673917][T11535] BTRFS info (device loop5): disabling free space tree
[  434.696240][T11491] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  434.716382][T11491] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  434.725299][T11535] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  434.742771][T11535] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  434.800784][T11290] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  434.846232][T11290] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  435.258301][ T4362] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  435.340310][ T4362] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  435.340676][T11593] loop3: detected capacity change from 0 to 32768
[  435.364257][ T4362] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  435.382034][ T4362] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  435.396646][T11593] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz.3.1847 (11593)
[  435.430455][T11593] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  435.441936][ T4362] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  435.469770][T11593] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  435.475946][ T4362] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  435.489623][T11593] BTRFS info (device loop3): setting nodatacow, compression disabled
[  435.499039][ T4362] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  435.518488][ T4362] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  435.536093][ T4362] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  435.549882][T11593] BTRFS info (device loop3): enabling ssd optimizations
[  435.559001][ T4890] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  435.571120][T11593] BTRFS info (device loop3): setting datacow
[  435.576175][ T4362] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  435.596272][T11593] BTRFS info (device loop3): doing ref verification
[  435.603433][T11460] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  435.642722][T11593] BTRFS info (device loop3): force clearing of disk cache
[  435.654987][T11460] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  435.673850][T11593] BTRFS info (device loop3): turning off barriers
[  435.714465][T11593] BTRFS info (device loop3): using spread ssd allocation scheme
[  435.734488][ T4347] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  435.775185][T11460] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  435.783784][T11593] BTRFS info (device loop3): using free space tree
[  435.913857][ T4347] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  436.171164][T11593] BTRFS info (device loop3): rebuilding free space tree
[  436.281232][T11605] loop8: detected capacity change from 0 to 65536
[  436.390817][T11605] XFS (loop8): Mounting V5 Filesystem
[  436.633519][T11460] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  436.670760][   T26] audit: type=1800 audit(1753321057.813:166): pid=11593 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1847" name="file2" dev="loop3" ino=263 res=0 errno=0
[  436.672924][T11605] XFS (loop8): Ending clean mount
[  436.804332][  T126] XFS (loop8): Metadata CRC error detected at xfs_agf_read_verify+0x18d/0x250, xfs_agf block 0x1 
[  436.864061][  T126] XFS (loop8): Unmount and run xfs_repair
[  436.880345][  T126] XFS (loop8): First 128 bytes of corrupted metadata buffer:
[  436.904405][  T126] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 40 00  XAGF..........@.
[  436.961431][  T126] 00000010: 00 00 00 02 00 00 00 03 00 00 00 00 00 00 00 01  ................
[  437.007731][  T126] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04  ................
[  437.035460][  T126] 00000030: 00 00 00 04 00 00 3f ca 00 00 3f c7 00 00 00 00  ......?...?.....
[  437.059084][  T126] 00000040: 9b 73 48 e5 2f a0 41 a5 95 26 c5 3a 67 8b 01 f3  .sH./.A..&.:g...
[  437.078900][T11650] netlink: 'syz.5.1848': attribute type 39 has an invalid length.
[  437.087085][  T126] 00000050: 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00  ................
[  437.102810][  T126] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  437.112708][  T126] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  437.140131][T11605] XFS (loop8): metadata I/O error in "xfs_read_agf+0x2a0/0x620" at daddr 0x1 len 1 error 74
[  437.176025][T11605] XFS (loop8): Metadata I/O Error (0x1) detected at xfs_trans_read_buf_map+0x54e/0x9a0 (fs/xfs/xfs_trans_buf.c:296).  Shutting down filesystem.
[  437.190858][T11605] XFS (loop8): Please unmount the filesystem and rectify the problem(s)
[  437.196562][T11652] netlink: 104 bytes leftover after parsing attributes in process `syz.2.1849'.
[  437.243439][ T4266] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  437.367136][ T8729] XFS (loop8): Unmounting Filesystem
[  437.995204][ T4362] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  438.012856][ T4362] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  438.024704][T11659] loop3: detected capacity change from 0 to 8192
[  438.048169][T11290] 8021q: adding VLAN 0 to HW filter on device batadv0
[  438.059575][T11659] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  438.082355][T11659] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal
[  438.093078][T11659] REISERFS (device loop3): using ordered data mode
[  438.104545][T11659] reiserfs: using flush barriers
[  438.124876][T11659] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  438.155653][T11659] REISERFS (device loop3): checking transaction log (loop3)
[  438.518054][T11659] REISERFS (device loop3): Using tea hash to sort names
[  438.535522][T11659] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage.
[  438.655093][ T4702] usb 6-1: new full-speed USB device number 21 using dummy_hcd
[  438.875956][ T4702] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  438.905140][ T4702] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  438.938262][ T4702] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  438.976881][ T4702] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  439.033276][ T4702] usb 6-1: Product: syz
[  439.043430][ T4702] usb 6-1: Manufacturer: syz
[  439.064820][ T4702] usb 6-1: SerialNumber: syz
[  439.284770][ T4702] usb 6-1: 0:2 : does not exist
[  439.307983][ T4702] usb 6-1: 5:0: failed to get current value for ch 0 (-22)
[  439.357881][ T4702] usb 6-1: USB disconnect, device number 21
[  439.390757][T11491] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  439.411504][T11491] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  439.457902][ T4494] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  439.464395][T11290] device veth0_vlan entered promiscuous mode
[  439.478185][T11460] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  439.499709][T11460] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  439.518197][T11290] device veth1_vlan entered promiscuous mode
[  439.531321][T11460] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  439.543636][T11460] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  439.553705][T11460] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  439.599403][T11470] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  439.611085][T11470] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  439.635886][T11470] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  439.655412][ T4494] usb 3-1: Using ep0 maxpacket: 8
[  439.662469][ T4494] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  439.676902][T11290] device veth0_macvtap entered promiscuous mode
[  439.690856][ T4494] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  439.700138][T11290] device veth1_macvtap entered promiscuous mode
[  439.735740][ T4494] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  439.739812][T11290] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  439.768522][T11290] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  439.779588][ T4494] usb 3-1: config 0 descriptor??
[  439.788971][T11290] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  439.811941][T11290] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  439.835220][T11290] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  439.862334][T11290] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  439.908714][T11290] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  439.943483][T11290] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  439.981104][T11691] loop3: detected capacity change from 0 to 32768
[  439.986531][T11290] batman_adv: batadv0: Interface activated: batadv_slave_0
[  440.007685][ T4494] iowarrior 3-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  440.037120][T11491] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  440.056319][T11491] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  440.069051][ T1276] ieee802154 phy0 wpan0: encryption failed: -22
[  440.075637][ T1276] ieee802154 phy1 wpan1: encryption failed: -22
[  440.098394][T11691] XFS (loop3): Mounting V5 Filesystem
[  440.107568][T11491] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  440.128289][T11491] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  440.199289][T11290] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  440.218722][T11290] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  440.251788][T11290] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  440.278259][T11290] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  440.281081][T11691] XFS (loop3): Ending clean mount
[  440.305676][T11290] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  440.315299][T11715] loop4: detected capacity change from 0 to 7
[  440.325653][T11290] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  440.349229][T11290] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  440.360592][T11715] Dev loop4: unable to read RDB block 7
[  440.375091][T11715]  loop4: AHDI p3 p4
[  440.379694][T11715] loop4: partition table partially beyond EOD, truncated
[  440.395211][T11290] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  440.417416][T11290] batman_adv: batadv0: Interface activated: batadv_slave_1
[  440.432130][T11449] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  440.451165][T11449] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  440.463158][T11715] loop4: p3 size 4227858431 extends beyond EOD, truncated
[  440.496263][T11719] overlayfs: conflicting lowerdir path
[  440.497984][T11290] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  440.524033][T11290] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  440.539478][T11290] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  440.558680][T11290] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  440.689836][ T4266] XFS (loop3): Unmounting Filesystem
[  440.723732][T11722] loop8: detected capacity change from 0 to 512
[  440.756554][T11722] EXT4-fs (loop8): orphan cleanup on readonly fs
[  440.763086][T11449] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  440.772833][T11449] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  440.792900][T11722] EXT4-fs error (device loop8): ext4_ext_check_inode:520: inode #4: comm syz.8.1861: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  440.809159][T11460] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  440.859271][T11460] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  440.870995][T11722] EXT4-fs error (device loop8): ext4_quota_enable:7025: comm syz.8.1861: Bad quota inode: 4, type: 1
[  440.880744][T11460] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  440.904561][T11722] EXT4-fs warning (device loop8): ext4_enable_quotas:7066: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  440.935262][T11491] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  440.970762][T11722] EXT4-fs (loop8): Cannot turn on quotas: error -117
[  440.982584][T11722] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  441.002515][T11722] EXT4-fs (loop8): warning: mounting fs with errors, running e2fsck is recommended
[  441.026328][T11722] EXT4-fs warning (device loop8): ext4_multi_mount_protect:335: MMP interval 2680 higher than expected, please wait.
[  441.026328][T11722] 
[  441.071847][T11722] EXT4-fs warning (device loop8): ext4_multi_mount_protect:338: MMP startup interrupted, failing mount
[  441.071847][T11722] 
[  441.093935][T11730] loop4: detected capacity change from 0 to 128
[  441.136465][   T26] audit: type=1800 audit(1753321062.283:167): pid=11730 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1771" name="file1" dev="loop4" ino=1048678 res=0 errno=0
[  441.172085][T11730] FAT-fs (loop4): error, invalid FAT chain (i_pos 548, last_block 8)
[  441.183875][T11730] FAT-fs (loop4): Filesystem has been set read-only
[  441.198690][ T8729] EXT4-fs (loop8): unmounting filesystem.
[  441.204895][T11730] FAT-fs (loop4): error, corrupted file size (i_pos 548, 522)
[  441.241523][T11730] FAT-fs (loop4): error, corrupted file size (i_pos 548, 522)
[  441.545229][ T4494] usb 9-1: new high-speed USB device number 15 using dummy_hcd
[  441.735058][ T4494] usb 9-1: Using ep0 maxpacket: 16
[  441.742906][ T4494] usb 9-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  441.792780][ T4494] usb 9-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[  441.815175][ T4494] usb 9-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  441.861255][ T4494] usb 9-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  441.885223][ T4494] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  441.893361][ T4494] usb 9-1: Product: syz
[  441.913392][ T4494] usb 9-1: Manufacturer: syz
[  441.918310][ T4494] usb 9-1: SerialNumber: syz
[  442.251356][ T4702] usb 3-1: USB disconnect, device number 5
[  442.372471][ T4494] usb 9-1: 2:1 : no or invalid class specific endpoint descriptor
[  442.395226][ T4494] usb 9-1: 2:1 : format type 0 is detected, processed as PCM
[  442.546415][T11763] loop2: detected capacity change from 0 to 1024
[  442.554404][ T4494] usb 9-1: USB disconnect, device number 15
[  442.572091][T11763] hfsplus: failed to load extents file
[  442.700270][T11766] netlink: 104 bytes leftover after parsing attributes in process `syz.3.1863'.
[  442.750885][T11766] netlink: 104 bytes leftover after parsing attributes in process `syz.3.1863'.
[  442.796681][T11766] netlink: 104 bytes leftover after parsing attributes in process `syz.3.1863'.
[  442.865199][ T4281] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[  442.988277][T11771] input: syz1 as /devices/virtual/input/input38
[  443.394154][T11791] loop3: detected capacity change from 0 to 1024
[  443.405375][ T4702] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  443.549414][T11796] loop8: detected capacity change from 0 to 128
[  443.556684][T11796] EXT4-fs: Ignoring removed nobh option
[  443.580523][T11796] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  443.596342][T11796] ext4 filesystem being mounted at /134/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  443.597005][ T4702] usb 3-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  443.619364][ T4702] usb 3-1: config 27 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  443.632469][ T4702] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  443.641690][ T4702] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  443.673008][ T4702] snd-usb-audio: probe of 3-1:27.0 failed with error -2
[  443.698976][T11796] EXT4-fs (loop8): shut down requested (2)
[  443.819511][ T8729] EXT4-fs (loop8): unmounting filesystem.
[  443.880840][ T4494] usb 3-1: USB disconnect, device number 6
[  443.960181][T11807] loop5: detected capacity change from 0 to 256
[  443.995419][T11807] exFAT-fs (loop5): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x09066d1f, utbl_chksum : 0xe619d30d)
[  445.076923][T11844] loop8: detected capacity change from 0 to 8192
[  445.134220][T11859] loop3: detected capacity change from 0 to 256
[  445.167875][T11859] FAT-fs (loop3): bogus number of FAT sectors
[  445.196930][T11859] FAT-fs (loop3): Can't find a valid FAT filesystem
[  445.421867][T11860] loop5: detected capacity change from 0 to 8192
[  445.470208][T11860] FAT-fs (loop5): Unrecognized mount option "appraise_type=imasig" or missing value
[  445.485290][  T126] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  445.679253][  T126] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  445.708291][  T126] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  445.764290][  T126] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00
[  445.782983][  T126] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  445.802533][  T126] usb 3-1: config 0 descriptor??
[  445.859284][T11885] netlink: 32 bytes leftover after parsing attributes in process `syz.5.1912'.
[  445.886835][T11885] netlink: 32 bytes leftover after parsing attributes in process `syz.5.1912'.
[  446.022198][T11890] loop4: detected capacity change from 0 to 128
[  446.029284][T11866] 
[  446.031672][T11866] =====================================================
[  446.038644][T11866] WARNING: HARDIRQ-safe -> HARDIRQ-unsafe lock order detected
[  446.046148][T11866] 6.1.146-syzkaller #0 Not tainted
[  446.051387][T11866] -----------------------------------------------------
[  446.052251][T11890] EXT4-fs: Ignoring removed nobh option
[  446.058334][T11866] syz.2.1904/11866 [HC0[0]:SC0[0]:HE0:SE1] is trying to acquire:
[  446.058359][T11866] ffff88807daac2b8 (&new->fa_lock){....}-{2:2}, at: kill_fasync+0x18e/0x4b0
[  446.058419][T11866] 
[  446.058419][T11866] and this task is already holding:
[  446.058425][T11866] ffff8880766fe028 (&client->buffer_lock){....}-{2:2}, at: evdev_pass_values+0xcb/0xab0
[  446.098223][T11866] which would create a new lock dependency:
[  446.104224][T11866]  (&client->buffer_lock){....}-{2:2} -> (&new->fa_lock){....}-{2:2}
[  446.112384][T11866] 
[  446.112384][T11866] but this new dependency connects a HARDIRQ-irq-safe lock:
[  446.121857][T11866]  (&dev->event_lock#2){-...}-{2:2}
[  446.121892][T11866] 
[  446.121892][T11866] ... which became HARDIRQ-irq-safe at:
[  446.134822][T11866]   lock_acquire+0x1b4/0x490
[  446.139444][T11866]   _raw_spin_lock_irqsave+0xa4/0xf0
[  446.144756][T11866]   input_event+0x76/0xb0
[  446.149101][T11866]   psmouse_report_standard_packet+0x4f/0x200
[  446.155190][T11866]   psmouse_process_byte+0x42b/0x620
[  446.160495][T11866]   psmouse_handle_byte+0x43/0x490
[  446.165630][T11866]   psmouse_interrupt+0x699/0x1130
[  446.170770][T11866]   serio_interrupt+0x87/0x130
[  446.175559][T11866]   i8042_interrupt+0x36b/0x720
[  446.180433][T11866]   __handle_irq_event_percpu+0x298/0xa30
[  446.186253][T11866]   handle_irq_event+0x87/0x1e0
[  446.191115][T11866]   handle_edge_irq+0x243/0xb20
[  446.195993][T11866]   __common_interrupt+0xd7/0x1e0
[  446.201045][T11866]   common_interrupt+0xb0/0xd0
[  446.205842][T11866]   asm_common_interrupt+0x22/0x40
[  446.210989][T11866]   _raw_spin_unlock_irqrestore+0xa5/0x100
[  446.216820][T11866]   i8042_aux_write+0x105/0x170
[  446.221695][T11866]   ps2_do_sendbyte+0x1fb/0x6c0
[  446.226555][T11866]   ps2_sendbyte+0x5b/0x110
[  446.231074][T11866]   cypress_send_ext_cmd+0x239/0x910
[  446.236381][T11866]   cypress_detect+0x89/0x190
[  446.241098][T11866]   psmouse_extensions+0xda5/0x1510
[  446.246370][T11866]   psmouse_switch_protocol+0x300/0x820
[  446.251956][T11866]   psmouse_connect+0x8d3/0x1490
[  446.256928][T11866]   serio_driver_probe+0x76/0x90
[  446.262000][T11866]   really_probe+0x2aa/0xc70
[  446.266645][T11866]   __driver_probe_device+0x18c/0x330
[  446.272044][T11866]   driver_probe_device+0x4f/0x420
[  446.277178][T11866]   __driver_attach+0x44a/0x6e0
[  446.282049][T11866]   bus_for_each_dev+0x175/0x1e0
[  446.287004][T11866]   serio_handle_event+0x29c/0x840
[  446.292139][T11866]   process_one_work+0x898/0x1160
[  446.297179][T11866]   worker_thread+0xaa2/0x1250
[  446.302911][T11866]   kthread+0x29d/0x330
[  446.307087][T11866]   ret_from_fork+0x1f/0x30
[  446.311625][T11866] 
[  446.311625][T11866] to a HARDIRQ-irq-unsafe lock:
[  446.318678][T11866]  (tasklist_lock){.+.+}-{2:2}
[  446.318707][T11866] 
[  446.318707][T11866] ... which became HARDIRQ-irq-unsafe at:
[  446.331372][T11866] ...
[  446.331382][T11866]   lock_acquire+0x1b4/0x490
[  446.338603][T11866]   _raw_read_lock+0x32/0x40
[  446.343228][T11866]   do_wait+0x2b6/0xb60
[  446.347417][T11866]   kernel_wait+0xa8/0x160
[  446.351888][T11866]   call_usermodehelper_exec_work+0xb5/0x220
[  446.357892][T11866]   process_one_work+0x898/0x1160
[  446.362964][T11866]   worker_thread+0xaa2/0x1250
[  446.367746][T11866]   kthread+0x29d/0x330
[  446.371924][T11866]   ret_from_fork+0x1f/0x30
[  446.376448][T11866] 
[  446.376448][T11866] other info that might help us debug this:
[  446.376448][T11866] 
[  446.386692][T11866] Chain exists of:
[  446.386692][T11866]   &dev->event_lock#2 --> &client->buffer_lock --> tasklist_lock
[  446.386692][T11866] 
[  446.400384][T11866]  Possible interrupt unsafe locking scenario:
[  446.400384][T11866] 
[  446.408729][T11866]        CPU0                    CPU1
[  446.414103][T11866]        ----                    ----
[  446.419472][T11866]   lock(tasklist_lock);
[  446.423735][T11866]                                local_irq_disable();
[  446.430497][T11866]                                lock(&dev->event_lock#2);
[  446.437716][T11866]                                lock(&client->buffer_lock);
[  446.445100][T11866]   <Interrupt>
[  446.448560][T11866]     lock(&dev->event_lock#2);
[  446.453428][T11866] 
[  446.453428][T11866]  *** DEADLOCK ***
[  446.453428][T11866] 
[  446.461573][T11866] 7 locks held by syz.2.1904/11866:
[  446.466788][T11866]  #0: ffff88823bcb6910 (&evdev->mutex){+.+.}-{3:3}, at: evdev_write+0x177/0x470
[  446.475954][T11866]  #1: ffff888147ec0230 (&dev->event_lock#2){-...}-{2:2}, at: input_inject_event+0xa7/0x310
[  446.486068][T11866]  #2: ffffffff8cb2ae20 (rcu_read_lock){....}-{1:2}, at: input_inject_event+0xb8/0x310
[  446.495746][T11866]  #3: ffffffff8cb2ae20 (rcu_read_lock){....}-{1:2}, at: input_pass_values+0xa3/0x1300
[  446.505425][T11866]  #4: ffffffff8cb2ae20 (rcu_read_lock){....}-{1:2}, at: evdev_events+0x75/0x320
[  446.514598][T11866]  #5: ffff8880766fe028 (&client->buffer_lock){....}-{2:2}, at: evdev_pass_values+0xcb/0xab0
[  446.524891][T11866]  #6: ffffffff8cb2ae20 (rcu_read_lock){....}-{1:2}, at: kill_fasync+0x4f/0x4b0
[  446.533969][T11866] 
[  446.533969][T11866] the dependencies between HARDIRQ-irq-safe lock and the holding lock:
[  446.544395][T11866]  -> (&dev->event_lock#2){-...}-{2:2} {
[  446.550064][T11866]     IN-HARDIRQ-W at:
[  446.554139][T11866]                       lock_acquire+0x1b4/0x490
[  446.560580][T11866]                       _raw_spin_lock_irqsave+0xa4/0xf0
[  446.567625][T11866]                       input_event+0x76/0xb0
[  446.573702][T11866]                       psmouse_report_standard_packet+0x4f/0x200
[  446.581520][T11866]                       psmouse_process_byte+0x42b/0x620
[  446.588566][T11866]                       psmouse_handle_byte+0x43/0x490
[  446.595433][T11866]                       psmouse_interrupt+0x699/0x1130
[  446.602498][T11866]                       serio_interrupt+0x87/0x130
[  446.609023][T11866]                       i8042_interrupt+0x36b/0x720
[  446.615725][T11866]                       __handle_irq_event_percpu+0x298/0xa30
[  446.623199][T11866]                       handle_irq_event+0x87/0x1e0
[  446.629807][T11866]                       handle_edge_irq+0x243/0xb20
[  446.636411][T11866]                       __common_interrupt+0xd7/0x1e0
[  446.643199][T11866]                       common_interrupt+0xb0/0xd0
[  446.649724][T11866]                       asm_common_interrupt+0x22/0x40
[  446.656684][T11866]                       _raw_spin_unlock_irqrestore+0xa5/0x100
[  446.664248][T11866]                       i8042_aux_write+0x105/0x170
[  446.670939][T11866]                       ps2_do_sendbyte+0x1fb/0x6c0
[  446.677544][T11866]                       ps2_sendbyte+0x5b/0x110
[  446.683805][T11866]                       cypress_send_ext_cmd+0x239/0x910
[  446.690878][T11866]                       cypress_detect+0x89/0x190
[  446.697316][T11866]                       psmouse_extensions+0xda5/0x1510
[  446.704269][T11866]                       psmouse_switch_protocol+0x300/0x820
[  446.711590][T11866]                       psmouse_connect+0x8d3/0x1490
[  446.718282][T11866]                       serio_driver_probe+0x76/0x90
[  446.724981][T11866]                       really_probe+0x2aa/0xc70
[  446.731331][T11866]                       __driver_probe_device+0x18c/0x330
[  446.738545][T11866]                       driver_probe_device+0x4f/0x420
[  446.745416][T11866]                       __driver_attach+0x44a/0x6e0
[  446.752024][T11866]                       bus_for_each_dev+0x175/0x1e0
[  446.758806][T11866]                       serio_handle_event+0x29c/0x840
[  446.765689][T11866]                       process_one_work+0x898/0x1160
[  446.772472][T11866]                       worker_thread+0xaa2/0x1250
[  446.779003][T11866]                       kthread+0x29d/0x330
[  446.784930][T11866]                       ret_from_fork+0x1f/0x30
[  446.791192][T11866]     INITIAL USE at:
[  446.795183][T11866]                      lock_acquire+0x1b4/0x490
[  446.801442][T11866]                      _raw_spin_lock_irqsave+0xa4/0xf0
[  446.808402][T11866]                      input_inject_event+0xa7/0x310
[  446.815376][T11866]                      led_trigger_event+0x12f/0x210
[  446.822070][T11866]                      kbd_led_trigger_activate+0xb9/0x100
[  446.829288][T11866]                      led_trigger_set+0x504/0x900
[  446.835806][T11866]                      led_trigger_set_default+0x19c/0x1e0
[  446.843015][T11866]                      led_classdev_register_ext+0x5d3/0x7a0
[  446.850393][T11866]                      input_leds_connect+0x4e7/0x6b0
[  446.857178][T11866]                      input_register_device+0xdfd/0x1310
[  446.864304][T11866]                      atkbd_connect+0x6e9/0x980
[  446.870652][T11866]                      serio_driver_probe+0x76/0x90
[  446.877299][T11866]                      really_probe+0x2aa/0xc70
[  446.883657][T11866]                      __driver_probe_device+0x18c/0x330
[  446.890708][T11866]                      driver_probe_device+0x4f/0x420
[  446.897499][T11866]                      __driver_attach+0x44a/0x6e0
[  446.904037][T11866]                      bus_for_each_dev+0x175/0x1e0
[  446.910642][T11866]                      serio_handle_event+0x29c/0x840
[  446.917440][T11866]                      process_one_work+0x898/0x1160
[  446.924132][T11866]                      worker_thread+0xaa2/0x1250
[  446.930564][T11866]                      kthread+0x29d/0x330
[  446.936388][T11866]                      ret_from_fork+0x1f/0x30
[  446.942605][T11866]   }
[  446.945235][T11866]   ... key      at: [<ffffffff96fa6540>] input_allocate_device.__key.5+0x0/0x20
[  446.954387][T11866] -> (&client->buffer_lock){....}-{2:2} {
[  446.960145][T11866]    INITIAL USE at:
[  446.964046][T11866]                    lock_acquire+0x1b4/0x490
[  446.970135][T11866]                    _raw_spin_lock+0x2a/0x40
[  446.976232][T11866]                    evdev_pass_values+0xcb/0xab0
[  446.982683][T11866]                    evdev_events+0x1d4/0x320
[  446.988784][T11866]                    input_pass_values+0x907/0x1300
[  446.995390][T11866]                    input_event_dispose+0x346/0x6c0
[  447.002079][T11866]                    input_event+0x88/0xb0
[  447.007901][T11866]                    uinput_write+0x2e5/0xef0
[  447.014079][T11866]                    vfs_write+0x2c4/0x960
[  447.019907][T11866]                    ksys_write+0x143/0x240
[  447.025814][T11866]                    do_syscall_64+0x4c/0xa0
[  447.031807][T11866]                    entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  447.039287][T11866]  }
[  447.041801][T11866]  ... key      at: [<ffffffff96fa6800>] evdev_open.__key.29+0x0/0x20
[  447.049974][T11866]  ... acquired at:
[  447.053788][T11866]    _raw_spin_lock+0x2a/0x40
[  447.058484][T11866]    evdev_pass_values+0xcb/0xab0
[  447.063527][T11866]    evdev_events+0x1d4/0x320
[  447.068231][T11866]    input_pass_values+0x907/0x1300
[  447.073445][T11866]    input_event_dispose+0x346/0x6c0
[  447.078743][T11866]    input_event+0x88/0xb0
[  447.083180][T11866]    uinput_write+0x2e5/0xef0
[  447.087865][T11866]    vfs_write+0x2c4/0x960
[  447.092304][T11866]    ksys_write+0x143/0x240
[  447.096830][T11866]    do_syscall_64+0x4c/0xa0
[  447.101444][T11866]    entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  447.107537][T11866] 
[  447.109867][T11866] 
[  447.109867][T11866] the dependencies between the lock to be acquired
[  447.109877][T11866]  and HARDIRQ-irq-unsafe lock:
[  447.123502][T11866]   -> (tasklist_lock){.+.+}-{2:2} {
[  447.128822][T11866]      HARDIRQ-ON-R at:
[  447.133010][T11866]                         lock_acquire+0x1b4/0x490
[  447.139551][T11866]                         _raw_read_lock+0x32/0x40
[  447.146096][T11866]                         do_wait+0x2b6/0xb60
[  447.152624][T11866]                         kernel_wait+0xa8/0x160
[  447.159059][T11866]                         call_usermodehelper_exec_work+0xb5/0x220
[  447.166974][T11866]                         process_one_work+0x898/0x1160
[  447.173924][T11866]                         worker_thread+0xaa2/0x1250
[  447.180610][T11866]                         kthread+0x29d/0x330
[  447.186697][T11866]                         ret_from_fork+0x1f/0x30
[  447.193130][T11866]      SOFTIRQ-ON-R at:
[  447.197304][T11866]                         lock_acquire+0x1b4/0x490
[  447.203826][T11866]                         _raw_read_lock+0x32/0x40
[  447.210352][T11866]                         do_wait+0x2b6/0xb60
[  447.216435][T11866]                         kernel_wait+0xa8/0x160
[  447.222779][T11866]                         call_usermodehelper_exec_work+0xb5/0x220
[  447.230775][T11866]                         process_one_work+0x898/0x1160
[  447.237728][T11866]                         worker_thread+0xaa2/0x1250
[  447.244418][T11866]                         kthread+0x29d/0x330
[  447.250509][T11866]                         ret_from_fork+0x1f/0x30
[  447.256949][T11866]      INITIAL USE at:
[  447.261025][T11866]                        lock_acquire+0x1b4/0x490
[  447.267463][T11866]                        _raw_write_lock_irq+0x9f/0xe0
[  447.274329][T11866]                        copy_process+0x2531/0x4020
[  447.280932][T11866]                        kernel_clone+0x225/0x8b0
[  447.287355][T11866]                        user_mode_thread+0xda/0x130
[  447.294045][T11866]                        rest_init+0x23/0x300
[  447.300151][T11866]                        start_kernel+0x0/0x539
[  447.306419][T11866]                        start_kernel+0x490/0x539
[  447.312862][T11866]                        secondary_startup_64_no_verify+0xcf/0xdb
[  447.320689][T11866]      INITIAL READ USE at:
[  447.325214][T11866]                             lock_acquire+0x1b4/0x490
[  447.332091][T11866]                             _raw_read_lock+0x32/0x40
[  447.338962][T11866]                             do_wait+0x2b6/0xb60
[  447.345403][T11866]                             kernel_wait+0xa8/0x160
[  447.352111][T11866]                             call_usermodehelper_exec_work+0xb5/0x220
[  447.360382][T11866]                             process_one_work+0x898/0x1160
[  447.367688][T11866]                             worker_thread+0xaa2/0x1250
[  447.374730][T11866]                             kthread+0x29d/0x330
[  447.381190][T11866]                             ret_from_fork+0x1f/0x30
[  447.387978][T11866]    }
[  447.390672][T11866]    ... key      at: [<ffffffff8c80a058>] tasklist_lock+0x18/0x40
[  447.398590][T11866]    ... acquired at:
[  447.402581][T11866]    _raw_read_lock+0x32/0x40
[  447.407276][T11866]    send_sigio+0xf5/0x360
[  447.411711][T11866]    dnotify_handle_event+0x14f/0x420
[  447.417093][T11866]    fsnotify+0x18ea/0x1cc0
[  447.421619][T11866]    fsnotify_move+0x122/0x4e0
[  447.426408][T11866]    vfs_rename+0xd36/0x10d0
[  447.431019][T11866]    do_renameat2+0x89d/0xc70
[  447.435715][T11866]    __x64_sys_renameat2+0xce/0xe0
[  447.440836][T11866]    do_syscall_64+0x4c/0xa0
[  447.445440][T11866]    entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  447.451532][T11866] 
[  447.453959][T11866]  -> (&f->f_owner.lock){...-}-{2:2} {
[  447.459622][T11866]     IN-SOFTIRQ-R at:
[  447.463707][T11866]                       lock_acquire+0x1b4/0x490
[  447.470057][T11866]                       _raw_read_lock_irqsave+0xac/0xf0
[  447.477101][T11866]                       send_sigurg+0x25/0x3c0
[  447.483359][T11866]                       sk_send_sigurg+0x6b/0xc0
[  447.489700][T11866]                       tcp_check_urg+0x200/0x750
[  447.496129][T11866]                       tcp_urg+0x15d/0x3e0
[  447.502036][T11866]                       tcp_rcv_established+0xde4/0x1d30
[  447.509070][T11866]                       tcp_v4_do_rcv+0x48d/0xb00
[  447.515507][T11866]                       tcp_v4_rcv+0x2789/0x2e30
[  447.521861][T11866]                       ip_protocol_deliver_rcu+0x3ad/0x780
[  447.529169][T11866]                       ip_local_deliver_finish+0x2c7/0x510
[  447.536476][T11866]                       NF_HOOK+0x2ff/0x390
[  447.542399][T11866]                       NF_HOOK+0x2ff/0x390
[  447.548314][T11866]                       __netif_receive_skb+0xcc/0x290
[  447.555178][T11866]                       process_backlog+0x37c/0x6e0
[  447.561779][T11866]                       __napi_poll+0xc0/0x460
[  447.567946][T11866]                       net_rx_action+0x5b1/0xad0
[  447.574397][T11866]                       handle_softirqs+0x2a1/0x920
[  447.581008][T11866]                       do_softirq+0x13b/0x200
[  447.587184][T11866]                       __local_bh_enable_ip+0x174/0x1b0
[  447.594251][T11866]                       sk_stream_wait_memory+0x6ed/0xec0
[  447.601477][T11866]                       tcp_sendmsg_locked+0x15b6/0x3f10
[  447.608704][T11866]                       tcp_sendmsg+0x2b/0x40
[  447.614789][T11866]                       __sys_sendto+0x44f/0x5c0
[  447.621130][T11866]                       __x64_sys_sendto+0xda/0xf0
[  447.627679][T11866]                       do_syscall_64+0x4c/0xa0
[  447.633936][T11866]                       entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  447.641674][T11866]     INITIAL USE at:
[  447.645685][T11866]                      lock_acquire+0x1b4/0x490
[  447.651945][T11866]                      _raw_write_lock_irq+0x9f/0xe0
[  447.658638][T11866]                      __f_setown+0x37/0x330
[  447.664635][T11866]                      generic_setlease+0xf2c/0x13c0
[  447.671337][T11866]                      fcntl_setlease+0x25e/0x330
[  447.677771][T11866]                      do_fcntl+0x10c/0x11c0
[  447.683779][T11866]                      __se_sys_fcntl+0xc9/0x190
[  447.690143][T11866]                      do_syscall_64+0x4c/0xa0
[  447.696311][T11866]                      entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  447.703969][T11866]     INITIAL READ USE at:
[  447.708400][T11866]                           lock_acquire+0x1b4/0x490
[  447.715096][T11866]                           _raw_read_lock_irqsave+0xac/0xf0
[  447.722485][T11866]                           send_sigio+0x2f/0x360
[  447.728918][T11866]                           kill_fasync+0x224/0x4b0
[  447.735523][T11866]                           sock_wake_async+0x128/0x150
[  447.742477][T11866]                           sk_wake_async+0x184/0x280
[  447.749257][T11866]                           tcp_rcv_state_process+0x24d0/0x40d0
[  447.756901][T11866]                           tcp_v6_do_rcv+0x934/0x1320
[  447.763770][T11866]                           __release_sock+0x1b9/0x420
[  447.770657][T11866]                           release_sock+0x5b/0x1b0
[  447.777264][T11866]                           tcp_sendmsg+0x35/0x40
[  447.783696][T11866]                           __sys_sendto+0x44f/0x5c0
[  447.790390][T11866]                           __x64_sys_sendto+0xda/0xf0
[  447.797349][T11866]                           do_syscall_64+0x4c/0xa0
[  447.803964][T11866]                           entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  447.812051][T11866]   }
[  447.814655][T11866]   ... key      at: [<ffffffff96cad8e0>] __alloc_file.__key+0x0/0x10
[  447.822840][T11866]   ... acquired at:
[  447.826747][T11866]    _raw_read_lock_irqsave+0xac/0xf0
[  447.832242][T11866]    send_sigio+0x2f/0x360
[  447.836679][T11866]    kill_fasync+0x224/0x4b0
[  447.841288][T11866]    sock_wake_async+0x128/0x150
[  447.846249][T11866]    sk_wake_async+0x184/0x280
[  447.851024][T11866]    tcp_rcv_state_process+0x24d0/0x40d0
[  447.856666][T11866]    tcp_v6_do_rcv+0x934/0x1320
[  447.861575][T11866]    __release_sock+0x1b9/0x420
[  447.866436][T11866]    release_sock+0x5b/0x1b0
[  447.871042][T11866]    tcp_sendmsg+0x35/0x40
[  447.875480][T11866]    __sys_sendto+0x44f/0x5c0
[  447.880262][T11866]    __x64_sys_sendto+0xda/0xf0
[  447.885123][T11866]    do_syscall_64+0x4c/0xa0
[  447.889725][T11866]    entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  447.895813][T11866] 
[  447.898139][T11866] -> (&new->fa_lock){....}-{2:2} {
[  447.903311][T11866]    INITIAL USE at:
[  447.907240][T11866]                    lock_acquire+0x1b4/0x490
[  447.913346][T11866]                    _raw_write_lock_irq+0x9f/0xe0
[  447.919871][T11866]                    fasync_remove_entry+0xf0/0x1c0
[  447.926495][T11866]                    lease_modify+0x1a2/0x390
[  447.932583][T11866]                    locks_remove_file+0x492/0xdf0
[  447.939100][T11866]                    __fput+0x188/0x920
[  447.944677][T11866]                    task_work_run+0x1ca/0x250
[  447.950845][T11866]                    exit_to_user_mode_loop+0xe6/0x110
[  447.957719][T11866]                    exit_to_user_mode_prepare+0xb1/0x140
[  447.964854][T11866]                    syscall_exit_to_user_mode+0x16/0x40
[  447.971918][T11866]                    do_syscall_64+0x58/0xa0
[  447.977921][T11866]                    entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  447.985406][T11866]    INITIAL READ USE at:
[  447.989748][T11866]                         lock_acquire+0x1b4/0x490
[  447.996274][T11866]                         _raw_read_lock_irqsave+0xac/0xf0
[  448.003498][T11866]                         kill_fasync+0x18e/0x4b0
[  448.010193][T11866]                         sock_wake_async+0x128/0x150
[  448.016967][T11866]                         sk_wake_async+0x184/0x280
[  448.023576][T11866]                         tcp_rcv_state_process+0x24d0/0x40d0
[  448.031045][T11866]                         tcp_v6_do_rcv+0x934/0x1320
[  448.037743][T11866]                         __release_sock+0x1b9/0x420
[  448.044425][T11866]                         release_sock+0x5b/0x1b0
[  448.050880][T11866]                         tcp_sendmsg+0x35/0x40
[  448.057161][T11866]                         __sys_sendto+0x44f/0x5c0
[  448.063674][T11866]                         __x64_sys_sendto+0xda/0xf0
[  448.070372][T11866]                         do_syscall_64+0x4c/0xa0
[  448.076795][T11866]                         entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  448.084705][T11866]  }
[  448.087213][T11866]  ... key      at: [<ffffffff96cae560>] fasync_insert_entry.__key+0x0/0x20
[  448.095932][T11866]  ... acquired at:
[  448.099749][T11866]    _raw_read_lock_irqsave+0xac/0xf0
[  448.105153][T11866]    kill_fasync+0x18e/0x4b0
[  448.109791][T11866]    evdev_pass_values+0x54b/0xab0
[  448.114937][T11866]    evdev_events+0x1d4/0x320
[  448.119650][T11866]    input_pass_values+0x907/0x1300
[  448.124955][T11866]    input_event_dispose+0x346/0x6c0
[  448.130259][T11866]    input_inject_event+0x1f5/0x310
[  448.135478][T11866]    evdev_write+0x326/0x470
[  448.140092][T11866]    vfs_write+0x2c4/0x960
[  448.144556][T11866]    ksys_write+0x143/0x240
[  448.149080][T11866]    do_syscall_64+0x4c/0xa0
[  448.153700][T11866]    entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  448.159791][T11866] 
[  448.162149][T11866] 
[  448.162149][T11866] stack backtrace:
[  448.168048][T11866] CPU: 1 PID: 11866 Comm: syz.2.1904 Not tainted 6.1.146-syzkaller #0
[  448.176318][T11866] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  448.186396][T11866] Call Trace:
[  448.189691][T11866]  <TASK>
[  448.192638][T11866]  dump_stack_lvl+0x168/0x22e
[  448.197336][T11866]  ? load_image+0x3b0/0x3b0
[  448.201865][T11866]  ? show_regs_print_info+0x12/0x12
[  448.207093][T11866]  ? load_image+0x3b0/0x3b0
[  448.211624][T11866]  ? print_shortest_lock_dependencies+0xf0/0x160
[  448.217978][T11866]  __lock_acquire+0x660b/0x7c50
[  448.222864][T11866]  ? verify_lock_unused+0x140/0x140
[  448.228123][T11866]  ? verify_lock_unused+0x140/0x140
[  448.233340][T11866]  ? do_raw_spin_unlock+0x11d/0x230
[  448.238600][T11866]  lock_acquire+0x1b4/0x490
[  448.243126][T11866]  ? kill_fasync+0x18e/0x4b0
[  448.247742][T11866]  ? read_lock_is_recursive+0x10/0x10
[  448.253140][T11866]  _raw_read_lock_irqsave+0xac/0xf0
[  448.258361][T11866]  ? kill_fasync+0x18e/0x4b0
[  448.262966][T11866]  ? _raw_read_lock+0x40/0x40
[  448.267698][T11866]  kill_fasync+0x18e/0x4b0
[  448.272138][T11866]  ? kill_fasync+0x4f/0x4b0
[  448.276770][T11866]  evdev_pass_values+0x54b/0xab0
[  448.281740][T11866]  ? evdev_pass_values+0x591/0xab0
[  448.286895][T11866]  evdev_events+0x1d4/0x320
[  448.291424][T11866]  ? evdev_events+0x75/0x320
[  448.296051][T11866]  ? evdev_event+0xd0/0xd0
[  448.300497][T11866]  input_pass_values+0x907/0x1300
[  448.305542][T11866]  ? input_pass_values+0xa3/0x1300
[  448.310673][T11866]  input_event_dispose+0x346/0x6c0
[  448.316149][T11866]  input_inject_event+0x1f5/0x310
[  448.321192][T11866]  ? input_inject_event+0xb8/0x310
[  448.326337][T11866]  evdev_write+0x326/0x470
[  448.330777][T11866]  ? evdev_read+0xb40/0xb40
[  448.335309][T11866]  ? end_current_label_crit_section+0x14b/0x170
[  448.341662][T11866]  ? common_file_perm+0x171/0x1c0
[  448.346716][T11866]  ? fsnotify_perm+0x5a/0x550
[  448.351416][T11866]  ? security_file_permission+0x75/0xa0
[  448.356994][T11866]  ? evdev_read+0xb40/0xb40
[  448.361524][T11866]  vfs_write+0x2c4/0x960
[  448.365799][T11866]  ? file_end_write+0x250/0x250
[  448.370675][T11866]  ? __fget_files+0x28/0x4d0
[  448.375285][T11866]  ? __fget_files+0x44a/0x4d0
[  448.379984][T11866]  ? __fdget_pos+0x1d4/0x360
[  448.384599][T11866]  ? ksys_write+0x71/0x240
[  448.389147][T11866]  ksys_write+0x143/0x240
[  448.393512][T11866]  ? __ia32_sys_read+0x80/0x80
[  448.398394][T11866]  ? lockdep_hardirqs_on+0x94/0x140
[  448.403711][T11866]  do_syscall_64+0x4c/0xa0
[  448.408149][T11866]  ? clear_bhb_loop+0x60/0xb0
[  448.412842][T11866]  ? clear_bhb_loop+0x60/0xb0
[  448.417540][T11866]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  448.423472][T11866] RIP: 0033:0x7fdf6958e9a9
[  448.427932][T11866] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  448.447993][T11866] RSP: 002b:00007fdf6a4c9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  448.456433][T11866] RAX: ffffffffffffffda RBX: 00007fdf697b5fa0 RCX: 00007fdf6958e9a9
[  448.464420][T11866] RDX: 0000000000001068 RSI: 0000200000000040 RDI: 0000000000000005
[  448.472412][T11866] RBP: 00007fdf69610d69 R08: 0000000000000000 R09: 0000000000000000
[  448.480406][T11866] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  448.488428][T11866] R13: 0000000000000000 R14: 00007fdf697b5fa0 R15: 00007fffeaedc228
[  448.496433][T11866]  </TASK>
[  448.524784][T11890] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  448.560923][T11890] ext4 filesystem being mounted at /17/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  448.578021][  T126] usbhid 3-1:0.0: can't add hid device: -71
[  448.584140][  T126] usbhid: probe of 3-1:0.0 failed with error -71
[  448.615395][  T126] usb 3-1: USB disconnect, device number 7
[  448.707739][T11290] EXT4-fs (loop4): unmounting filesystem.
[  452.385032][ T4281] Bluetooth: hci2: command 0x0406 tx timeout